Cybersecurity
-
Indirect Prompt Injection Risks in AI Long-Term Memory
Source: Palo Alto Networks Unit 42Read more: Indirect Prompt Injection Risks in AI Long-Term MemoryIndirect prompt injection can compromise AI agents by poisoning their long-term memory, causing malicious instructions to persist. This vulnerability may…
-
ClayRat Android Spyware Masquerades as Popular Apps to Deceive Users
Source: BleepingComputerRead more: ClayRat Android Spyware Masquerades as Popular Apps to Deceive UsersClayRat is a new Android spyware that disguises itself as popular apps like WhatsApp, TikTok, and YouTube to trick users…
-
SonicWall Cloud Backup Service Firewall Configurations Exposed in Brute-Force Attack
Source: CyberScoopRead more: SonicWall Cloud Backup Service Firewall Configurations Exposed in Brute-Force AttackA brute-force attack compromised firewall configuration backup files for all SonicWall customers using its cloud backup service. The incident exposed…
-
Storm-2657 Gang Targets US University HR Employees in Payroll Hijacking Attacks
Source: BleepingComputerRead more: Storm-2657 Gang Targets US University HR Employees in Payroll Hijacking AttacksSince March 2025, the Storm-2657 cybercrime group has been conducting ‘pirate payroll’ attacks by targeting university HR employees across the…
-
Hackers Employ Velociraptor DFIR Tool in LockBit and Babuk Ransomware Attacks
Source: BleepingComputerRead more: Hackers Employ Velociraptor DFIR Tool in LockBit and Babuk Ransomware AttacksCybercriminals have begun utilizing the Velociraptor digital forensics and incident response (DFIR) tool in ransomware campaigns involving LockBit and Babuk…
-
Microsoft Defender for Endpoint Incorrectly Flags SQL Server as End-of-Life
Source: BleepingComputerRead more: Microsoft Defender for Endpoint Incorrectly Flags SQL Server as End-of-LifeMicrosoft has identified an issue where its Defender for Endpoint security platform mistakenly marks SQL Server software as end-of-life. The…
-
Proof-of-Concept Attack Exploits GitHub Copilot to Exfiltrate Code and Secrets
Source: Dark ReadingRead more: Proof-of-Concept Attack Exploits GitHub Copilot to Exfiltrate Code and SecretsA security researcher demonstrated a novel proof-of-concept attack that uses GitHub Copilot to exfiltrate code and sensitive information. Despite GitHub’s…
-
China-Aligned UTA0388 Threat Actor Uses Go-Based GOVERSHELL Implant in Spear-Phishing Campaigns
Source: The Hacker NewsRead more: China-Aligned UTA0388 Threat Actor Uses Go-Based GOVERSHELL Implant in Spear-Phishing CampaignsThe China-aligned threat actor UTA0388 has conducted spear-phishing campaigns targeting North America, Asia, and Europe. These attacks deliver a Go-based…
-
RondoDox Botnet Exploits 56-Day Zero-Day Vulnerabilities Across 30+ Devices
Source: BleepingComputerRead more: RondoDox Botnet Exploits 56-Day Zero-Day Vulnerabilities Across 30+ DevicesThe RondoDox botnet has emerged as a large-scale threat targeting 56 different vulnerabilities in over 30 devices, including flaws revealed…
-
SonicWall Reports Full Exposure of Firewall Backup Data in Cloud Breach
Source: Dark ReadingRead more: SonicWall Reports Full Exposure of Firewall Backup Data in Cloud BreachSonicWall updated the impact of its recent security breach, revealing that 100% of customers using its cloud backup service for…