Data Breaches Affect Luxury Retailers: Pandora and Chanel Experience Cybersecurity Incidents In recent reports, luxury retailers Pandora and Chanel have fallen victim to significant data breaches, raising concerns over the vulnerabilities that affect even high-profile brands in the retail sector.…
June 19, 2025
Linux / Vulnerability
Cybersecurity researchers have identified two local privilege escalation (LPE) vulnerabilities that could potentially provide root access on various major Linux distributions. The issues, revealed by Qualys, are detailed below:
“These modern ‘local-to-root’ vulnerabilities have bridged the divide between a regular user and complete system control,” stated Saeed Abbasi, Senior Manager at Qualys Threat Research Unit (TRU). “By leveraging legitimate services like udisks loop-mounts and PAM/environment intricacies, attackers with any active GUI or SSH session can bypass polkit’s allow_active trust zone and gain root access within seconds.”
Qualys noted that CVE-2025-6018 is found in the PAM configuration of openSUSE Leap…
Critical Linux Vulnerabilities Expose Root Access Risks Across Major Distributions June 19, 2025 In a significant cybersecurity development, researchers from Qualys have identified two local privilege escalation vulnerabilities that could be exploited to attain root access on systems using prominent…
AT&T Settles Class Action Lawsuits Following Major Cyber Breaches In a significant development for data security, telecommunications leader AT&T has reached settlements for two class action lawsuits triggered by dual data breaches that unfolded in 2024. These incidents were notable…
Google Strengthens GenAI Security with Enhanced Multi-Layered Defenses Against Prompt Injection Threats
June 23, 2025
Artificial Intelligence / AI Security
Google has announced new safety measures aimed at fortifying its generative artificial intelligence (AI) systems against emerging threats such as indirect prompt injections. These attacks, unlike direct prompt injections that involve the submission of harmful commands, embed malicious instructions within external data sources like emails, documents, or calendar invites, potentially leading AI systems to leak sensitive information or execute harmful actions. In response, Google’s GenAI security team has developed a comprehensive “layered” defense strategy that raises the difficulty, cost, and complexity associated with executing successful attacks. This multifaceted approach includes model hardening and the introduction of specialized safeguards.
Google Enhances Security Measures to Protect GenAI from Prompt Injection Threats On June 23, 2025, Google announced strategic enhancements to the security of its generative artificial intelligence (AI) systems, aimed at countering sophisticated attack vectors such as indirect prompt injection.…
Fraud Management & Cybercrime, Ransomware Colt Technology Services Faces Major Disruption Following Ransomware Attack Prajeet Nair (@prajeetspeaks) • August 17, 2025 Image: aileenchik/Shutterstock Colt Technology Services, a multinational telecommunications company based in the UK, has reported widespread disruptions to its…
May 23, 2025
Artificial Intelligence / Cybersecurity Threats
Cybersecurity researchers have identified a critical indirect prompt injection vulnerability in GitLab’s AI assistant, Duo. This flaw could potentially allow malicious actors to access source code and inject untrusted HTML into the AI’s responses, redirecting users to harmful websites. GitLab Duo, an AI-driven coding assistant launched in June 2023 and built on Anthropic’s Claude models, has been shown to be vulnerable. According to findings from Legit Security, this weakness enables attackers to steal code from private projects, alter code suggestions for other users, and even exfiltrate sensitive undisclosed zero-day vulnerabilities. Prompt injection is a known class of vulnerabilities within AI systems, allowing threat actors to exploit large language models (LLMs) to manipulate user interactions.
GitLab Duo Vulnerability Exposes Users to Potential Code Hijacking and Malware Risks May 23, 2025 | Cybersecurity Insights Cybersecurity experts have recently identified a significant security vulnerability in GitLab’s AI coding assistant, Duo. This flaw involves indirect prompt injection, which…
AT&T Faces $177 Million Settlement Following Major Data Breaches AT&T is on the brink of a significant settlement that could impact millions of its customers, stemming from two substantial data breaches that were disclosed in March and July of the…
On June 23, 2025, cybersecurity researchers unveiled XDigo, a Go-based malware utilized in attacks against Eastern European government entities in March 2025. The cyber espionage campaign, known as XDSpy, has been targeting government agencies in Eastern Europe and the Balkans since 2011, with its origins traced back to early documentation by the Belarusian CERT in 2020. Recent years have seen numerous campaigns aimed at organizations in Russia and Moldova, deploying malware families such as UTask, XDDown, and DSDownloader to retrieve sensitive data from compromised systems. HarfangLab reported that the threat actor exploited a remote code execution vulnerability in Microsoft Windows, triggered by specially crafted LNK files, as part of a multi-stage attack approach.
XDigo Malware Exploits Windows LNK Vulnerability in Eastern European Government Attacks Cybersecurity analysts have identified a Go-based malware, designated XDigo, that has recently been employed in targeted cyberattacks against governmental entities in Eastern Europe. According to French cybersecurity firm HarfangLab,…
For insights on enhancing your organization’s cybersecurity measures, consider exploring Security Awareness Programs & Computer-Based Training and Training & Security Leadership. Authored by Brandy Harris • August 15, 2025 Every October, companies reexamine their cybersecurity protocols, reiterating that “Security is…
CISA Alerts on Potential Widespread SaaS Attacks Targeting App Secrets and Cloud Misconfigurations
May 23, 2025
Cloud Security / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that Commvault is actively monitoring cyber threats aimed at applications hosted in their Microsoft Azure environment. According to the agency, “Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup SaaS solution in Azure.” This breach potentially granted unauthorized access to Commvault’s customers’ M365 environments, where application secrets are stored. CISA further indicated that this activity might be part of a larger campaign targeting various SaaS providers’ cloud infrastructures that utilize default configurations and elevated permissions. This advisory follows Commvault’s recent revelation that Microsoft alerted the company in February 2025 about unauthorized activity from a nation-state threat actor within its Azure environment. The incident prompted…
CISA Issues Warning on Potential Widespread SaaS Attacks Targeting Application Secrets and Cloud Misconfigurations On May 23, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an important advisory concerning emerging cyber threats affecting applications running in cloud environments,…
