π Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π 12 Best MSSP Providers Businesses Trust and Grow With π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Managed security services providers, or MSSP providers for short, have become essential allies to businesses in the face of soaring cyber attacks. These thirdparty experts step in to fill the critical cybersecurity gaps, delivering managed security servicesall backed by deep expertise that many inhouse teams simply cant afford. To help you find the right security The post 12 Best MSSP Providers Businesses Trust and Grow With appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Best MSSP Providers You Can Trust
See the list of 12 best MSSP providers that companies choose and recommend to strengthen cyber defense.
β€1
π Python Developer π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Python Developer appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Python Developer - UnderDefense
π¦
The Week in Vulnerabilities: Ivanti, Versa Flaws Flagged by Cyble π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble The Week in Vulnerabilities Ivanti, Versa Flaws Flagged by Cyble " dataimagecaption"Cyble The Week in Vulnerabilities Ivanti, Versa Flaws Flagged by Cyble " datamediumfile"httpscyble.comwpcontentuploads202506CybleBlogsVulnerabilitiesIvanti300x150.png" datalargefile"httpscyble.comwpcontentuploads202506CybleBlogsVulnerabilitiesIvanti1024x512.png" title"The Week in Vulnerabilities Ivanti, Versa Flaws Flagged by Cyble 1" Cyble vulnerability intelligence researchers highlighted several highrisk IT and ICS vulnerabilities this week, including some that are actively targeted in attack attempts detected by Cyble honeypot sensors. As the week also included Patch Tuesday for many vendors, several new critical vulnerabilities emerged, including some that are already under active attack or...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
ποΈ Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to a "largescale campaign" that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an "esoteric and educational programming style" that uses only a limited set of characters to write and execute code.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ First Known βZero-Clickβ AI Exploit: Microsoft 365 Copilotβs EchoLeak Flaw π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Security researchers uncovered EchoLeak, a zeroclick flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
First Known Zero-Click AI Exploit: Microsoft 365 Copilotβs βEchoLeakβ Flaw
Security researchers uncovered βEchoLeak,β a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.
π΅οΈββοΈ Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Proofpoint researchers discovered a largescale campaign using the open source penetrationtesting framework that has targeted more than 80,000 Microsoft accounts.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Threat Actor Abuses TeamFiltration for Entra ID Attacks
Researchers discovered a large-scale campaign using the open-source penetration testing framework that has targeted more than 80,000 Microsoft accounts.
π Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Jen Easterly and Ciaran Martin called for a universal, vendorneutral cyber threat actor naming system.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names
Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system
π₯1
π¦Ώ INTERPOL-Led Effort Dismantles Infostealer Malware Network in 26 Countries Across Asia-Pacific Region π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
INTERPOL partnered with GroupIB, Kaspersky, and Trend Micro to take down a cybercrime network. They alerted more than 216,000 individuals and organizations that were possible victims.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
INTERPOL-Led Effort Dismantles Infostealer Malware Network in 26 Countries Across Asia-Pacific Region
INTERPOL partnered with Group-IB, Kaspersky, and Trend Micro to take down a cybercrime network. They alerted more than 216,000 individuals and organizations that were possible victims.
π’ RSAC Conference 2025: The front line of cyber innovation π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
RSAC Conference 2025: The front line of cyber innovation
Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
π΅οΈββοΈ CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A new Cybersecurity and Infrastructure Security Agency CISA advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
CISA Warns of Ransomware Attacks Against SimpleHelp RMM
A new Cybersecurity and Infrastructure Security Agency (CISA) advisory warned ransomware actors have been actively exploiting a critical SimpleHelp flaw since January.
π¦Ώ Top 5 Skills Entry-Level Cybersecurity Professionals Need π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Cybersecurity professional organization ISC2 found hiring managers prize teamwork, problemsolving, and analytical thinking in earlycareer employees.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Top 5 Skills Entry-Level Cybersecurity Professionals Need
Cybersecurity professional organization ISC2 found hiring managers prize teamwork, problem-solving, and analytical thinking in early-career employees.
ποΈ Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new malware campaign is exploiting a weakness in Discord's invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. "Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers," Check Point said in a technical report. "The attackers combined the ClickFix.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€2π±1
π Threat Actors Target Victims with HijackLoader and DeerStealer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyberattacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Threat Actors Target Victims with HijackLoader and DeerStealer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyberattacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Threat Actors Target Victims with HijackLoader and DeerStealer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyberattacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Archetyp Market Shut Down in Europe-wide Law Enforcement Operation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Operation DEEP Sentinel has shut down Archetyp Market, the longestrunning dark web drug marketplace.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Archetyp Market Shut Down in Europe-wide Law Enforcement Operation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Operation DEEP Sentinel has shut down Archetyp Market, the longestrunning dark web drug marketplace.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π’ RSAC in focus: Key takeaways for CISOs π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The RSAC Conference 2025 spotlighted pivotal advancements in agentic AI, identity security, and collaborative defense strategies, shaping the evolving mandate for CISOs.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
RSAC in focus: Key takeaways for CISOs
The RSAC Conference 2025 spotlighted pivotal advancements in agentic AI, identity security, and collaborative defense strategies, shaping the evolving mandate for CISOs.
π Threat Actors Target Victims with HijackLoader and DeerStealer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyberattacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Seizes $7.74M in Crypto Tied to North Koreaβs Global Fake IT Worker Network ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ said it has filed a civil forfeiture complaint in federal court that targets over 7.74 million in cryptocurrency, nonfungible tokens NFTs, and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity