Indirect prompt injection via URL fragments can manipulate AI outputs while evading traditional server-side visibility. Prompt injection, Indirect prompt injection, Shadow AI, HashJack, Microsoft Purview, Microsoft Sentinel Metadata Executive Summary…
Infostealer logs from 2024 allegedly expose Funnull backend access and a separate Gate.us compliance infiltration. Polyfill.io, Funnull, Lumma Stealer, supply chain compromise, DPRK IT workers, cloud account takeover Affected vendor…
Veracode’s 2026 State of Software Security finds remediation capacity falling behind development velocity, with third-party components driving the longest-lived high-risk exposure. Enterprise application portfolios are carrying record levels of long-standing…
In a significant development, the UK’s National Crime Agency (NCA) has named Aleksandr Ryzhenkov as a key figure in the notorious Russian cybercrime group Evil Corp, while also identifying him…
In September 2024, U.S. authorities raised alarms over a significant threat that has been quietly gaining momentum this year—RansomHub, a ransomware-as-a-service (RaaS) platform that has been targeting vital sectors across…
In **July 2024**, cybersecurity giant **CrowdStrike** faced a widespread **IT outage** that affected **over 8.5 million Windows systems** worldwide. This massive disruption was caused by a faulty update in CrowdStrike’s…
In May 2024, Okta, a leading provider of identity and access management (IAM) solutions, reported a significant increase in credential stuffing attacks targeting its user base. These attacks, which involve…
Mandiant has highlighted Russia and Iran as prominent state-sponsored cyber threats poised to disrupt the 2024 elections. Their tactics, often multilayered and complex, include data theft, DDoS attacks, disinformation, and…
IBM’s recent announcement of acquiring HashiCorp for $6.4 billion underscores a significant shift in the cybersecurity landscape. This strategic acquisition aims to bolster IBM’s capabilities in multi-cloud and hybrid environments,…
A new phishing campaign leveraging Autodesk Drive has come to light, targeting corporate users through seemingly legitimate PDF files. Cybersecurity experts at Netcraft have uncovered that attackers are exploiting compromised…