AI sidebar spoofing
-
Microsoft says on-prem Exchange flaw under active exploitation
Microsoft said an actively exploited Exchange Server flaw affects on-premises versions 2016, 2019 and Subscription Edition. The company issued temporary mitigations and said Exchange Online is not affected.
-
Researchers warn spoofed AI sidebars can trick Atlas and Comet users into dangerous actions
Security researchers at SquareX say they can use a malicious browser extension to overlay a fake AI sidebar in Atlas and Comet, tricking users into phishing pages, OAuth theft of Gmail/Drive access, or running commands that install a reverse shell.
