Tag: data exfiltration
146 articles

More Prompt||GTFO Exclusive Guide to Effortless Prompts
System prompts make AI assistants helpful — and can quietly turn them into persistent, data-harvesting agents. This guide explains how crafty instruction tweaks and PromptFix attacks corrupt the instruction stream and what to watch for to keep your assistant honest.

GlobalLogic Exclusive: Severe Oracle EBS Cl0p Attack
GlobalLogic pulls back the curtain on a severe Cl0p Oracle EBS attack. Learn what went wrong, who’s at risk, and the simple steps you can take now to protect your systems.

Prompt Injection: Exclusive Look at Dangerous AI Browsers
Think your AI assistant only reads whats on screen? Researchers warn that CometJacking — hidden prompts tucked into a URL — can trick “AI browsers” into handing over emails, calendar entries and cloud files without passwords or user prompts.

OpenAI Assistants API Exclusive: Critical SesameOp Backdoor
Imagine your helpful AI assistant secretly moonlighting as a command-and-control courier — researchers found the SesameOp backdoor using OpenAI’s Assistants API to stealthily ferry attacker commands and exfiltrated data. This clever pivot turns trusted productivity integrations into covert channels, forcing a rethink of how we govern and monitor AI tools.

DragonForce Cartel Exclusive Deadly Conti Ransomware Threat
Get an exclusive look at how the DragonForce Cartel is unleashing the deadly Conti Ransomware—and learn who’s at risk and simple steps you can take to protect yourself.

Shadow AI: Stunning Risk as 1 in 4 Use Unapproved Tools
What if a quarter of your team were quietly sharing company secrets with unapproved AI? Shadow AI—employees turning to consumer models to speed tasks—is convenient but can expose PII, IP and trigger costly compliance headaches.

Qilin Ransomware Exclusive: Alarming 40+ Cases Monthly
Qilin ransomware is surging — over 40 incidents monthly — using double‑extortion leak sites that weaponize stolen files into lasting reputational damage. Is your organization prepared to respond beyond just restoring backups?

Sneaky Mermaid attack: Exclusive Copilot data breach alert
A clever Sneaky Mermaid indirect prompt injection showed how hidden instructions buried in files could trick Microsoft 365 Copilot into leaking tenant data. Microsoft says it patched this specific flaw, but security teams warn the broader risk of stealthy, embedded prompt attacks is far from over.

Microsoft 365 Copilot Exclusive: Dangerous Mermaid Attack
The Mermaid attack revealed how a hidden prompt in an otherwise harmless file could trick Microsoft 365 Copilot into spilling emails and attachments. Microsoft patched the gap, but the episode is a clear reminder that giving AI broad access can turn convenience into a new, exploitable data risk.

Sneaky Mermaid attack: Exclusive critical Copilot leak
Researchers uncovered a Sneaky Mermaid trick that hid malicious instructions inside ordinary files to make Microsoft 365 Copilot leak tenant emails and attachments. Microsoft patched the specific vector, but the episode is a wake-up call about how AI assistants can be manipulated and why teams must shore up their digital defenses.

Toys R Us Canada Exclusive: Severe customer data breach
Toys R Us Canada customers woke up to a troubling disclosure: an unauthorized party accessed and published parts of a customer database, exposing names, contact details and some payment-related fields. The company’s response—without offering free credit monitoring—has left shoppers and privacy advocates demanding answers.

Security Leaders Exclusive: 77% Data Loss Is Costly
Insider-related data loss has hit 77% of organizations in the last 18 months — a costly, everyday emergency playing out in email threads, cloud buckets and third‑party integrations. Cloud sprawl, identity proliferation and siloed tooling — plus human shortcuts — turn trusted channels into easy exit ramps for sensitive data.

WestJet Exclusive Alert: Critical Data Breach Notified
WestJet Exclusive Alert: A June cyber intrusion may have exposed travel and loyalty-account data for roughly 1.2 million customers—including U.S. residents—so check your accounts now. WestJet says it’s working with forensic experts and law enforcement, but this notice is your cue to watch for phishing, reset passwords, and protect your identity.

Pakistani-Linked Hacker Group: Exclusive Threat to India
Pakistan-linked operators are quietly slipping DeskRAT into Indian government networks to siphon secrets — a stealthy espionage campaign that makes stronger detection, logging and diplomatic response urgent.

ransomware payments: Stunning Risky Surge to $3.6M
Ransomware payments jumped 44% to an average $3.6M in 2025 as attackers shift to fewer, higher-value strikes—forcing organizations to weigh grim pragmatism against costly downtime, data leaks, and regulatory fallout.

Snappybee malware: Alarming Risky Breach of EU Telecoms
A major European telecom was breached after attackers exploited a Citrix NetScaler flaw to deploy Snappybee — a modular espionage toolkit tied to the China-linked Salt Typhoon group — showing how trusted remote-access appliances can become gateways for stealthy data theft. The incident is a wake-up call to prioritize patching, segmentation, and behavioral detection before the next exploit hits.

Chinese-linked cyber operators: Stunning Risky Breach
What do you do when a partner becomes a suspect? Researchers found Chinese-linked hackers quietly breached a Russian IT provider — a rare pivot that shows geopolitical alignment doesn’t guarantee immunity and underscores how dangerous supply-chain compromises can be.

legacy Windows authentication: Must-Fix Risky Threat
Think your network’s locked? Resecurity warns that old Windows protocols like LM, NTLM and SMBv1 can hand attackers credential hashes — inventory, isolate, and migrate now before those easy paths are abused.

ArcGIS application Stunning: Risky Year-Long Persistence
A security firm found China-aligned hackers living undetected inside a trusted ArcGIS mapping app for over a year, turning a vital tool into a stealthy espionage platform. The takeaway: even everyday operational software needs strict security, continuous monitoring, and zero trust—because convenience shouldn’t mean vulnerability.

RMM software Must-Have Protections: Best Defenses
Remote monitoring tools like ScreenConnect make IT life easier—but when attackers hijack them through phishing or stolen credentials, that convenience becomes a powerful way to spread ransomware and steal data. Protect your RMM consoles with strong authentication, network segmentation, and vigilant monitoring before a single click turns into a network-wide crisis.

AI Vulnerability Reward Program: Exclusive $30K Best Win
Google’s new AI Vulnerability Reward Program offers up to $30,000 to researchers who responsibly report model flaws — a smart, practical move to incentivize fixes, curb abuse, and make AI safer for everyone.

Oracle E-Business Suite Risky: Must-Have Breach Guide
Google’s Threat Analysis Group says the Clop ransomware gang accessed a large volume of data from Oracle E-Business Suite — a wake-up call for any org that hasn’t checked who holds the keys to its crown jewels. Now’s the time to hunt for shadow EBS instances, tighten access, and patch or segment vulnerable systems before attackers turn stolen data into extortion.

Oracle EBS Must-Have Urgent Patch: Critical Risk
Britain’s NCSC is urging organisations to patch Oracle E-Business Suite immediately after the Clop ransomware gang was seen actively exploiting a critical flaw that could expose payroll, procurement and finance systems. If you run EBS, inventory your instances and apply the patch—or fast compensating controls—now to avoid disruption, data theft and costly ransom demands.

Medusa ransomware: Exclusive Critical Alert for Enterprises
Microsoft warns Medusa ransomware is actively exploiting a critical GoAnywhere file-transfer flaw, pushing organizations to act fast or risk serious disruption. If you use GoAnywhere, inventory instances, apply patches now, isolate affected systems, and hunt for signs of compromise before attackers turn this trusted tool into a catastrophe.