Tag cybersecurity

Thrive Introduces Network Detection and Response Solutions

BOSTON, Aug. 21, 2025 (GLOBE NEWSWIRE) — Thrive, a prominent global provider of technology outsourcing specializing in cybersecurity, cloud services, and traditional managed services, has unveiled a new Network Detection and Response (NDR) service aimed at bolstering cybersecurity for businesses. This service will continuously monitor networks for potential security incidents,…

iiNet Cyber Breach Highlights Continuing Security Vulnerabilities in Australia

A recent data breach at iiNet, one of Australia’s largest internet service providers, has spotlighted the ongoing security vulnerabilities in the nation’s digital infrastructure. This incident, which compromised personal information of over 280,000 customers, highlights the escalating challenge of safeguarding consumer data in an environment where cyber threats are both…

Türkiye-Based Hackers Exploit Zero-Day in Output Messenger to Deploy Golang Backdoors on Kurdish Servers

May 13, 2025
Category: Zero-Day / Vulnerability

A Türkiye-linked threat actor has exploited a zero-day vulnerability in the Indian enterprise communication tool Output Messenger as part of a cyber espionage campaign that began in April 2024. According to the Microsoft Threat Intelligence team, these exploits have led to the collection of sensitive user data from targets in Iraq. The focus of the attacks appears to align with the Kurdish military in Iraq, consistent with the previously documented objectives of the group known as Marbled Dust. This threat group, which has also been referred to as Silicon, Cosmic Wolf, Sea Turtle, Teal Kurma, and UNC1326, has been active since at least 2017. However, it wasn’t until 2019 that Cisco Talos documented their activities against both public and private entities in the Middle East and North Africa. Early last year, the group was also noted for targeting telecommunications and media sectors.

Turkish Hackers Exploit Zero-Day Vulnerability in Output Messenger to Deploy Golang Backdoors on Kurdish Servers

Published: May 13, 2025

In a notable instance of cyber espionage, a Türkiye-affiliated threat actor has successfully leveraged a zero-day vulnerability in Output Messenger, an enterprise communication platform from India. This breach, which has been…

Mastering Hacking Skills: The Value of Offensive Security Training for Your Entire Security Team

May 14, 2025
Cybersecurity / Ethical Hacking

Organizations across various sectors are witnessing a sharp rise in cyberattacks, with critical infrastructure and cloud-based enterprises being particularly vulnerable. According to Verizon’s 2025 Data Breach Investigations Report, confirmed breaches surged by 18% year-over-year, and the exploitation of vulnerabilities for initial access grew by 34%. As the frequency and severity of attacks increase, many organizations rely on security tools and compliance standards as their primary defenses. While these elements are vital for reducing cyber risk, they are not foolproof solutions. Effective security hinges on the combination of people, processes, and technology, with the emphasis placed on skilled practitioners. Therefore, investing in offensive security training for all roles within the security team becomes crucial. Too often, the potential of offensive operations is underutilized…

Mastering Offensive Security: The Essential Training for Cybersecurity Teams

As cyberattacks surge across various sectors, organizations are increasingly vulnerable to threats, especially those targeting critical infrastructure and cloud-based services. The recently published 2025 Data Breach Investigations Report by Verizon highlights a profound 18% year-over-year increase in confirmed breaches, with a…

Coinbase Exposed: Agents Bribed, Data of ~1% of Users Compromised; $20M Extortion Bid Fails

May 15, 2025
Cryptocurrency / Threat Intelligence

Coinbase has reported a data breach involving a small fraction of its users after cybercriminals targeted its overseas customer support agents. The company revealed that these criminals offered cash incentives to a limited number of insiders, who then extracted data concerning less than 1% of Coinbase’s monthly active users. The attackers aimed to compile a list of customers to impersonate Coinbase and trick them into surrendering their cryptocurrency assets. On May 11, 2025, the perpetrators attempted to extort Coinbase for $20 million, claiming possession of sensitive information about specific customer accounts and internal documents. In response, Coinbase confirmed that the compromised agents, based in India, have been terminated. The firm assured customers that no passwords, private keys, or funds were at risk.

Coinbase Faces Breach After Insider Compromise; User Data Exposed in Extortion Attempt

May 15, 2025

In a recent security disclosure, Coinbase revealed that an unauthorized breach of its systems has resulted in the theft of account information pertaining to a small percentage of its user base. The cryptocurrency exchange stated…

Accounting Firm Settles for $175K with Federal Authorities Over HIPAA Ransomware Breach

Data Privacy, Data Security, Healthcare

Settlement Includes Corrective Action Plan Aimed at Enhancing Risk Analysis

Marianne Kolbasuk McGee (HealthInfoSec) • August 18, 2025

⚡ Weekly Highlights: Zero-Day Vulnerabilities, Insider Risks, APT Activity, Botnet Threats, and More

May 19, 2025
Threat Intelligence / Cybersecurity

Cybersecurity experts are not only combating attacks—they’re also safeguarding trust, ensuring system functionality, and upholding their organization’s reputation. This week’s events underscore a significant concern: as we deepen our reliance on digital tools, unseen vulnerabilities can silently intensify. Addressing issues isn’t sufficient anymore; resilience must be integrated from the ground up. This requires improved systems, fortified teams, and enhanced visibility across the organization. What we’re witnessing is not merely risk; it’s a clear indication that prompt action and informed decision-making are crucial, often more than striving for perfection. Here’s what emerged this week, along with key issues security teams need to prioritize.

Threat of the Week
Microsoft Addresses 5 Actively Exploited Zero-Day Flaws — In its May 2025 Patch Tuesday update, Microsoft remedied a total of 78 security vulnerabilities, five of which are currently being exploited in the wild. Noteworthy vulnerabilities include CVE-2025-30397, CVE-2025-…

Weekly Cybersecurity Recap: Zero-Day Exploits, Insider Threats, and Emerging Cyber Risks

Date: May 19, 2025

In the ever-evolving landscape of cybersecurity, professionals face a dual challenge: defending against aggressive attacks while safeguarding trust, ensuring operational continuity, and preserving their organization’s reputation. Recent events have underscored a critical issue stemming from…

Critical RCE Threat from Hard-Coded ‘b’ Password in Sitecore XP Exposes Enterprises

June 17, 2025
Vulnerability / Enterprise Software

Cybersecurity experts have identified three significant vulnerabilities in the widely-used Sitecore Experience Platform (XP) that could be exploited to achieve pre-authenticated remote code execution (RCE). Sitecore XP is an enterprise software solution that offers tools for content management, digital marketing, and analytics.

The vulnerabilities are as follows:

  • CVE-2025-34509 (CVSS score: 8.2) – Use of hard-coded credentials
  • CVE-2025-34510 (CVSS score: 8.8) – Post-authenticated RCE via path traversal
  • CVE-2025-34511 (CVSS score: 8.8) – Post-authenticated RCE via Sitecore PowerShell Extension

Researcher Piotr Bazydlo from watchTowr Labs pointed out that the default user account “sitecore\ServicesAPI” has a hard-coded single-character password set to “b.” Notably, Sitecore’s documentation advises against altering default credentials. Although the user account lacks roles and permissions, the vulnerabilities still pose a serious risk.

Critical Security Flaws Discovered in Sitecore XP Could Lead to Remote Code Execution Risks

On June 17, 2025, cybersecurity researchers revealed several significant vulnerabilities in the widely-used Sitecore Experience Platform (XP), posing a grave risk of remote code execution (RCE) in enterprise environments. Sitecore XP, renowned for its capabilities in…
