Security Bulletin

Your in-house AI agent must be properly protected and handled. Here's why to treat it as a privileged user governed by privileged access management.

Source code for the decryption method was published by programmer Yohanes Nugroho.

Remote code execution may be achieved on vulnerable servers with a single PUT API request.

In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.

The ClickFix attack tactic seems to be gaining traction among threat actors.

A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations the past few years.

The BEC attacks rely on phishing lures that let the bad actors operate entirely within the Microsoft 365 ecosystem.

The researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.

Microsoft’s prescription for doctor burnout and fatigue is an AI assistant.