Latest Intelligence
Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has revealed a new side-channel attack, termed 'Whisper Leak', which can allow passive adversaries to extract information about conversation topics from encrypted network traffic involving remote language models. This vulnerability poses significant risks by potentially exposing sensitive data exchanged between users and AI models. Read Original »
'Landfall' Malware Targeted Samsung Galaxy Users
The 'Landfall' malware has been identified as a tool that allows its operators to conduct extensive surveillance on Samsung Galaxy users. This includes capabilities such as recording conversations, tracking locations, capturing photos, and collecting contacts from compromised devices. Read Original »
'Ransomvibing' Infests Visual Studio Extension Market
The article discusses a Visual Studio Code extension that openly encrypts and exfiltrates user data, revealing its malicious intent. Additionally, it shows clear signs of being generated by AI, raising concerns about security in the extension market. Read Original »
Microsoft Backs Massive AI Push in UAE, Raising Security Concerns
Microsoft is collaborating with G42 to establish a significant AI campus in the UAE, utilizing Nvidia GPUs. This ambitious project has raised concerns regarding cybersecurity and the implications of such large-scale AI initiatives. Read Original »
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
A security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks, particularly in the Middle East. The vulnerability, identified as CVE-2025-21042, has a high severity score and allowed remote attackers to execute arbitrary code. Read Original »
In Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M Arrests
The article highlights several significant cybersecurity developments, including the charging of rogue ransomware negotiators and the resurgence of the Gootloader malware. Additionally, it mentions that Germany is targeting Huawei technology and that a hack involving F5 has led to new operational technology security guidance. Read Original »
From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools
A China-linked threat actor has been attributed to a cyber attack against a U.S. non-profit organization, aiming for long-term persistence and targeting U.S. entities involved in policy issues. This incident highlights the ongoing global espionage activities associated with legacy vulnerabilities. Read Original »
Landfall Android Spyware Targeted Samsung Phones via Zero-Day
Threat actors have exploited a zero-day vulnerability, CVE-2025-21042, to deliver Landfall Android spyware through specially crafted images targeting Samsung phones in the Middle East. This incident highlights the ongoing risks associated with mobile device security. Read Original »
Radical Empowerment From Your Leadership: Understood by Few, Essential for All
The article emphasizes the importance of redefining power in leadership from control to trust, which can help teams unlock their potential and provide organizations with a competitive edge. This shift in perspective is portrayed as essential yet not widely understood. Read Original »
AI Agents Are Going Rogue: Here's How to Rein Them In
The article discusses the misapplication of human-centered identity frameworks to AI agents, which could lead to catastrophic outcomes at machine speed. Poghosyan highlights the urgency of addressing this issue to prevent potential disasters. Read Original »
AI Security Agents Get Personas to Make Them More Appealing
The article discusses the introduction of synthetic AI security agents designed to enhance the functionality of security operations centers. However, it emphasizes the need for governance to ensure these AI agents do not compromise security. Read Original »
Ollama, Nvidia Flaws Put AI Infrastructure at Risk
Security researchers have identified multiple vulnerabilities in AI infrastructure products, including a significant flaw that allows for remote code execution. These vulnerabilities pose a serious risk to the security of AI systems. Read Original »
Data Exposure Vulnerability Found in Deep Learning Tool Keras
A data exposure vulnerability has been identified in the deep learning tool Keras, tracked as CVE-2025-12058. This vulnerability allows for arbitrary file loading and could be exploited to conduct Server-Side Request Forgery (SSRF) attacks. Read Original »
ClickFix Attacks Against macOS Users Evolving
ClickFix attacks, which were previously aimed at Windows users, are now evolving to target macOS users with increasingly convincing prompts. This shift indicates a growing trend in cyber threats specifically designed for macOS platforms. Read Original »
Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
A set of nine malicious NuGet packages has been discovered that can execute time-delayed payloads to disrupt database operations and compromise industrial control systems. These packages, published by a user named 'shanhai666', are programmed to activate malicious code after specific dates in August 2027. Read Original »