Security researchers at Aim Security discovered “EchoLeak”, the first known zero-click artificial intelligence (AI) vulnerability in Microsoft 365 Copilot that allowed attackers to silently siphon off sensitive corporate data by simply sending a maliciously crafted email that required no interaction from the user, no link-clicking, and no downloads. “This vulnerability represents a significant breakthrough in […]
Read More
Cybersecurity firm Huntress has uncovered a highly sophisticated hacking campaign targeting Mac users in the cryptocurrency sector, which utilized deepfake Zoom calls, clever social engineering, and Mac-specific malware in an unusually sophisticated operation. Huntress began investigating the intrusion on June 11, 2025, after a partner reported suspicious activity. The attack was ultimately attributed to the […]
Read More
In a troubling new wave of cyberattacks, a Russian state-sponsored cyber threat actor has been caught impersonating the U.S. Department of State to gain unauthorized access to Gmail accounts, specifically those belonging to targeted prominent academics and critics of Russia. According to security researchers at Google’s Threat Intelligence Group (GTIG), the attacks began in at […]
Read More
In a concerning development, cybercriminals are leveraging the popularity of artificial intelligence (AI) tools to distribute a new malware called ‘Noodlophile Stealer’ through Facebook. The Deceptive Tactic According to researchers at Morphisec, threat actors create fake “AI-themed” video generation platforms, promoted through seemingly legitimate Facebook groups and viral social media campaigns. These groups, boasting over 62,000 […]
Read More
UK retailer Marks & Spencer (M&S) has taken urgent steps to secure customer accounts following a cyberattack that compromised the personal data of its customers. M&S on Tuesday confirmed it was the target of a cyberattack three weeks ago that exposed customer information, prompting the company to reset passwords for affected users. […]
Read More
