Author: Admin
June 12, 2025Hacker NewsArtificial intelligence / safety saas AI changes everything – from how we coden, before we sell, before we provide security. But while most conversations focus on that II tin make it focus on what II Can break – If you don’t pay attention. Behind each AI agent, Chatbot or Automation Script lies an increasing number Inhuman identity – API keys, maintenance accounts, Oauth tokens – silently in the background. And here’s the problem: 🔐 They are invisible 🧠 They are powerful 🚨 They are not terrible In traditional identity security, we protect users. With AI, we calmly…
Zero Press AI Vulnerability exposes Copilot Microsoft 365 data without interaction with users
The new attacker called Echoleak has been described as vulnerability of artificial intelligence (AI) with zero click (AI), which allows poor actors to allocate sensitive data from the context of Microsoft 365 Copilot, which provide any interaction of users. The vulnerability of the critical evaluation was assigned to the CVE-2025-32711 ID (CVSS: 9.3). This does not require customer action and has already addressed Microsoft. There is no evidence that the deficiency was used angrily in the wild. “The introduction of AI teams in M365 Copilot allows an unauthorized attacker to disclose information on the network,” the company – Note in…
June 12, 2025Red LakshmananVulnerability / safety software Connectwise revealed that it plans to turn the digital code signing certificates used to sign the executable Files Screenconnect, Connectwise and Connectwise remote monitoring and management (RMM) from the security issues. Campaign – Note This does it “because of the concern caused by the third researcher on how Screenconnect did with some configuration data in previous versions.” While the company did not publicly specify the nature of the problem, it shed more light in non -public FAQ only available to its customers (and later shared on Reddit) – Concerns are related to Screenconnect…
More than 80,000 Microsoft Entra ID credits, directed using an open source Teamfiltration tool
June 12, 2025Red LakshmananSpecial Security / Active Directory Cybersecurity researchers have discovered a new accounting company (ATO), which uses an open source penetration scope, called Teamfiltration to violate ID Microsoft Entra (formerly Azure Active Directory). Activity, codonomena Unk_sneakystrike According to the data, more than 80,000 targeted user accounts in hundreds of cloud tenants of organizations, since in December 2024 there was a splash of the login’s attempts, which led to a successful absorption of accounts. “Attackers use API and Amazon Web Services servers Microsoft Teams and Amazon (AWS) located in various geographical regions to launch users’ removal and attempts to…
June 11, 2025Red LakshmananRedemption / cybercrime It has been noted that former members tied to Black Basta Redemption surgery follow their tested approach Wash on e -mail and Microsoft Teams Phishing To set permanent access to target networks. “Recently, attackers introduced the performance of Python’s script along with these methods using curls’ requests to get and deploy malicious loads,” – reliaquest – Note In a report that shared with Hacker News. Development is a sign that subjects threatens continue to rotate and overwhelm despite Black Basta brand suffer with a great blow and decrease after Public leak of their internal…
June 11, 2025Red LakshmananNetwork Security / Intelligence Threat The Greynoise Intelligence firm warned about the “coordinated activity of the rough force” aimed at the Manager Apache Tomcat interfaces. The company said this observe On June 5, 2025, an attempt attempts by gross force and entry, indicating that they can be focused efforts to “determine and access Tomcat’s exposing services”. To this end, 295 unique IP addresses were attempted by the rough force against the Tomcat manager on this date, and all of them are classified as malicious ones. Over the last 24 hours, 188 Unique IPS Most of them located…
In today’s security landscape, budgets are tough, the attacks are at odds, and new threats arise daily. Maintaining a strong security posture under these circumstances without a large team or budget can be a real problem. However, slim security models are not only possible – they can be very effective. River Island, one of the leading trading sellers in the UK, offers a powerful thematic study of how to do more with the smaller ones. As an Infosec River Island officer, Sunil Patel and his small team of three are responsible for providing more than 200 stores, e -commerce platform,…
In the modern cybersecurity landscape, most of the accents are located on firewalls, antiviral software and identification of the final points. Although these tools are needed, one critical layer is often not noticed: domain name system (DNS). As a starting point, almost every DNS Internet implementation is not just the main one – this is increasingly. When it remains unsecured, it becomes the only point of refusal that can disrupt services, redirect users or expose sensitive data. Ensuring it is not just a good practice – a necessity. Why DNS is the main part of the internet infrastructure Domain name…
June 11, 2025Red LakshmananCybercrime / malicious software On Wednesday, Interpol announced the dismantling of more than 20,000 malicious IP addresses or domains related to 69 malware options that theft of information. Joint action, codan is named The operation is safeoccurred from January to April 2025 and participated law enforcement agencies From 26 countries to identify servers, displaying physical networks and execution of purposeful removal. “These coordinated efforts have led to the removal of 79 percent of the identified IP IP”, interpol – Note In a statement. “The participating countries have reported 41 servers and more than 100 GB of data,…
June 11, 2025Red LakshmananIoT / vulnerability security On the GPS Sinotrack GPS devices, two safety vulnerabilities were opened that can be used to control certain remote features on connected vehicles and even track their places. “Successful operation of these vulnerabilities can allow the attacker to access devices without permission through the overall Internet management interface,” Cybersecurity and US Infrastructure (CISA) (CISA) Agency (CISA) – Note In advisory. “Access to the device profile can allow the attacker to perform some distant features on connected vehicles such as tracking the vehicle and shutdown on the fuel pump where it is maintained.” The…