It Looks Like a School Vape Detector. A Teen Hacker Showed It Could Become an Audio Bug

#cybersecurity #infosec #microsoft

Microsoft warns of serious vulnerability in hybrid Exchange deployments

Sofia Elizabella Wyciślik-Wilson / betanews - Microsoft has issued a warning about a high-severity vulnerability in hybrid Microsoft Exchange Server deployments. Tracked as CVE-2025-53786, the vulnerability could allow for privilege escalation by cyber threat actors with administrative access to an o…

CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday morning at 9:00 AM ET.

6 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

CISA orders fed agencies to patch new Exchange flaw by Monday

6 months / bleepingcomputer / Lawrence Abrams

Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'

6 months / theregister / Jessica Lyons

Microsoft warns of serious vulnerability in hybrid Exchange deployments

7 months / betanews / Sofia Elizabella Wyciślik-Wilson

CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability

7 months / therecord

Microsoft warns of high-severity flaw in hybrid Exchange deployments

#cybersecurity #dataprivacy #chatgpt #cybercrime

An invisible prompt in a Google Doc made ChatGPT access data from a victim’s Google Drive

Maximilian Schreiner / the-decoder - A single manipulated document was enough to get ChatGPT to automatically extract sensitive data—without any user interaction.The article An invisible prompt in a Google Doc made ChatGPT access data from a victim’s Google Drive appeared first on THE DECODE…

Security Researchers Just Hacked ChatGPT Using A Single 'Poisoned' Document

6 months / bgr

ChatGPT vulnerability allows hidden prompts to steal Google Drive cloud data

6 months / techspot

An invisible prompt in a Google Doc made ChatGPT access data from a victim’s Google Drive

ChatGPT Flaw Allows Zero-Click Data Theft From Google Drive via ‘Poisoned’ Documents

Sam Altman Seems To Be Teasing GPT-5 Powering OpenAI's Hardware

OpenAI’s new GPT-5 models announced early by GitHub

Tom Warren / theverge - GitHub has accidentally announced OpenAI’s new range of GPT-5 models. A now-deleted GitHub blog post reveals that GPT-5, which will be available in four different versions, offers “major improvements in reasoning, code quality, and user experience.” Reddi…

#ai #cybersecurity #openai #chatgpt

6 months / bgr

ChatGPT App Just Got A Big Makeover Ahead Of The GPT-5 Release

6 months / bgr

From Monolith to Menu: GPT-5 Leaks Reveal OpenAI’s New Strategy to Dominate the AI Market

OpenAI's GPT-5 Models Leak On GitHub Ahead Of Official Reveal

7 months / bgr

A deleted GitHub post gives an early look at OpenAI’s next major model, GPT-5

GitHub Leak Reveals OpenAI’s GPT-5 and Four New Models Ahead of Official Launch

OpenAI’s new GPT-5 models announced early by GitHub

7 months / theverge / Tom Warren

Microsoft accidentally confirms GPT-5, GPT-5-Mini, GPT-5-Nano ahead of launch

7 months / bleepingcomputer / Mayank Parmar

There's a Tea app for men, and it also has security problems

Anna Washenko / engadget - Tea bills itself as a safety dating app for women, allowing users to anonymously share details about men they have met. A new app called TeaOnHer has emerged that attempts to flip the script, with men sharing information about women they date. And while T…

#cybersecurity #infosec #apps #security

There's a Tea app for men, and it also has security problems

7 months / engadget / Anna Washenko

A rival Tea app for men is leaking its users’ personal data and driver’s licenses

7 months / techcrunch / Amanda Silberling, Zack Whittaker

Hackers Used An Infected Calendar Invite To Hack Gemini And Take Control Of A Smart Home

bgr - The dangers of AI are becoming increasingly apparent, as hackers found a way to use Google's Gemini chatbot to take over a stranger's smart home devices.

#cybersecurity #infosec #cybercrime #hack

Image post - please click to view at origin

7 months / bsky / @arstechnica.com / arstechnica.com

Researchers hacked Google Gemini to take control of a smart home

7 months / engadget / Anna Washenko

Hackers Used An Infected Calendar Invite To Hack Gemini And Take Control Of A Smart Home

7 months / bgr

Researchers design “promptware” attack with Google Calendar to turn Gemini evil

7 months / arstechnica / Ryan Whitwam

Microsoft unveils Project Ire, an AI system that automatically detects malware

Maximilian Schreiner / the-decoder - Microsoft has unveiled Project Ire, an AI system designed to automatically analyze software files and determine whether they contain malware.The article Microsoft unveils Project Ire, an AI system that automatically detects malware appeared first on THE D…

#ai #cybersecurity #automation #microsoft

Microsoft's Autonomous AI Agent Might Detect Malware Without Human Assistance

7 months / bgr

Microsoft researchers bullish on AI security agent even though it let 74% of malware slip through

7 months / theregister / Jessica Lyons

Microsoft unveils Project Ire, an AI system that automatically detects malware

Microsoft unveils Project Ire, an autonomous AI agent that identifies malware at scale

7 months / siliconangle / Kyt Dotson

Microsoft’s ‘Agentic Web’ Ambition Hit by Embarrassing Security Flaw

Markus Kasanmascheff / winbuzzer - A critical security flaw in Microsoft's new NLWeb protocol raises questions about its 'agentic web' strategy, despite a quick patch from the company.The post Microsoft’s ‘Agentic Web’ Ambition Hit by Embarrassing Security Flaw appeared first on WinBuzzer.

#cybersecurity #infosec #microsoft #security

Microsoft’s ‘Agentic Web’ Ambition Hit by Embarrassing Security Flaw

Microsoft AI web project NLWeb plagued by common security flaw

7 months / mobilesyrup / Jonathan Lamont

Microsoft’s plan to fix the web with AI has already hit an embarrassing security flaw

7 months / theverge / Tom Warren

Cohere’s new AI agent platform, North, promises to keep enterprise data secure

Rebecca Bellan / techcrunch - Canadian AI firm Cohere is taking aim at alleviating data privacy concerns with its new AI agent platform, North, which can be deployed privately so that enterprises and governments can keep their, and customers', data safe behind their own firewalls.

#ai #cybersecurity #enterprise #cloudsec

Cohere launches its North AI productivity platform into general availability

7 months / siliconangle / Maria Deutscher

Cohere’s new AI agent platform, North, promises to keep enterprise data secure

7 months / techcrunch / Rebecca Bellan

Cohere pitches security and productivity with general release of North enterprise AI platform

7 months / betakit / Madison McLauchlan

UK MoD taps Australian cybersecurity startup Castlepoint after Afghan data breach

Lucy Adams / tech - Britain's Ministry of Defence (MoD) has selected Australian firm Castlepoint Systems to provide services for automating data classification and reducing the risk of human error. The company is now hea...

#cybersecurity #infosec #defensetech #uk

UK's Ministry of Defence pins hopes on AI to stop the next massive email blunder

7 months / theregister / Connor Jones

UK MoD taps Australian cybersecurity startup Castlepoint after Afghan data breach

7 months / tech / Lucy Adams

WhatsApp launches new tools to stop scammers

Sofia Elizabella Wyciślik-Wilson / betanews - WhatsApp is now an essential communication tool for both personal and business use, and its popularity means that it is also a prime target for scammers. As such, the company has just announced the rollout of a new series of tools designed to help keep us…

#cybersecurity #apps #scam

WhatsApp is introducing a new security feature that will help users spot potential scams when they are being added to a group chat by someone not in their contact list.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

WhatsApp launches new tools to stop scammers

7 months / betanews / Sofia Elizabella Wyciślik-Wilson

WhatsApp adds new security feature to protect against scams

Dell fixed security chip vulnerability that left millions open to attack

Dell fixed security chip vulnerability that left millions open to attack

Brad Bennett / mobilesyrup - Tens of millions of Dell laptops were recently discovered to have a vulnerability that could have allowed hackers to steal sensitive data from users and monitor some of their computer activities. Dell validated this security analysis in June, and it appea…

#cybersecurity #infosec

7 months / mobilesyrup / Brad Bennett

Critical ‘Revault’ Flaws Leaves over 100 Dell Laptop Models Vulnerable if Unpatched

WhatsApp Declares War on Scams with New ‘Safety Overview’ for Group Chats

WhatsApp Bans 6.8 Million Scam Accounts in Global Crackdown

John Quintet / iphoneincanada - WhatsApp says it blocked more than 6.8 million accounts linked to global scam operations in the first half of this year, part of a growing crackdown on criminal networks that often rely on forced labour and organized crime in Southeast Asia. ers. Tech sca…

#cybersecurity #internet #apps #scam

WhatsApp Bans 6.8 Million Scam Accounts in Global Crackdown

7 months / iphoneincanada / John Quintet

WhatsApp adds new warning about potential group chat messaging scams

7 months / engadget / Anna Washenko

WhatsApp Adds Tools to Save You From Scams

7 months / cnet / Omar Gallaga

WhatsApp adds new features to protect against scams

7 months / techcrunch / Aisha Malik

NVIDIA Patches Critical Triton Server Vulnerabilities Enabling Full AI System Takeover

Markus Kasanmascheff / winbuzzer - NVIDIA has patched critical RCE flaws in its Triton Inference Server after Wiz Research found an exploit chain allowing full AI system takeover. Update now.The post NVIDIA Patches Critical Triton Server Vulnerabilities Enabling Full AI System Takeover app…

#cybersecurity #infosec #nvidia #gpu

NVIDIA Patches Critical Triton Server Vulnerabilities Enabling Full AI System Takeover

Chained bugs in Nvidia's Triton Inference Server lead to full system compromise

7 months / theregister / Connor Jones

Hacker used a voice phishing attack to steal Cisco customers’ personal information

Lorenzo Franceschi-Bicchierai / techcrunch - Cisco disclosed a data breach including customer names, organization names, addresses, email addresses, and phone numbers of Cisco.com users.

#cybersecurity #dataprivacy #infosec

Image post - please click to view at origin

7 months / bsky / @arstechnica.com / arstechnica.com

Voice phishers strike again, this time hitting Cisco

7 months / arstechnica / Dan Goodin

Cisco Confirms Data Breach After Voice Pishing Attack on Employee Compromises CRM

Hacker used a voice phishing attack to steal Cisco customers’ personal information

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

Cisco discloses data breach impacting Cisco.com user accounts

#cybersecurity #infosec #cloudsec

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

Zack Whittaker / techcrunch - Security researchers say they have evidence that ransomware gangs are hacking into large companies that rely on fully-patched SonicWall firewalls. The researchers say it's likely the flaw is a "zero-day" bug currently unknown to SonicWall.

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

7 months / bsky / @techcrunch.com / techcrunch.com

SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks

7 months / techcrunch / Zack Whittaker

SonicWall urges admins to disable SSLVPN amid rising attacks

#cybersecurity #infosec #cloudsec #internet

Cloudflare Blocks Perplexity for Skirting Web Scraping Rules: What’s at Stake?

Azdhan / medianama - Cloudflare blocks Perplexity AI bots for violating anti-scraping rules and masking crawler identity.The post Cloudflare Blocks Perplexity for Skirting Web Scraping Rules: What’s at Stake? appeared first on MEDIANAMA.

Perplexity vexed by Cloudflare's claims its bots are bad

7 months / theregister / Thomas Claburn

Cloudflare Accuses Perplexity of Skirting No-Crawl Rules

7 months / pymnts / PYMNTS

Cloudflare Accuses Perplexity of Stealth-Crawling Blocked Sites

7 months / iphoneincanada / Usman Qureshi

Some people are defending Perplexity after Cloudflare ‘named and shamed’ it

7 months / techcrunch / Julie Bort

Cloudflare vs. Perplexity, ChatGPT Break Warnings, and the $75B SEO Collapse

7 months / implicator / Marcus Schuler

Cloudflare Blocks Perplexity for Skirting Web Scraping Rules: What’s at Stake?

7 months / medianama / Azdhan

Cloudflare de-lists Perplexity, alleges stealth scraping

7 months / siliconrepublic / Ann O’Dea

World's largest chipmaker TSMC says it has discovered potential trade secret leaks

cnbc - TSMC dominates the market for the manufacturing of the most advanced chips on the planet and counts major firms like Apple and Nvidia as clients.

#cybersecurity #semiconductors #chips

Employees Arrested Over Alleged Theft of Chip Tech for Apple A20 Chip

7 months / macrumors / Hartley Charlton

Taiwan Uses National Security Law to Arrest TSMC Workers in Chip Espionage Case

7 months / implicator / Maria Garcia

Taiwan’s TSMC fires engineers over suspected theft of semiconductor secrets

7 months / therecord

TSMC launches legal action against former employees for allegedly trying to leak 2nm trade secrets

7 months / techspot

US considers tracking AI chips, TSMC fires employees over the theft of advanced technology