Latest Intelligence
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Researchers have discovered a jailbreak technique that allows users to bypass the ethical safeguards of OpenAI's GPT-5, enabling the generation of illicit instructions. This method combines a known technique with narrative-driven steering to manipulate the model's output. Read Original »
Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking
The article discusses how vulnerabilities in the onboard and remote systems of buses can be exploited by hackers, potentially allowing for tracking, control, and spying. The presence of free Wi-Fi on these buses exacerbates the security risks associated with these flaws. Read Original »
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials
Cybersecurity researchers have identified 14 vulnerabilities in CyberArk and HashiCorp's enterprise secure vaults, collectively known as Vault Fault. These vulnerabilities could allow remote attackers to access corporate identity systems and extract sensitive enterprise secrets and tokens. Read Original »
60 RubyGems Packages Steal Data From Annoying Spammers
A Dark Web antihero is engaged in stealing and reselling credentials from online spammers, raising ethical questions about their motives. The situation highlights the ongoing issues of data theft and the underground economy surrounding it. Read Original »
Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise
Researchers have successfully demonstrated that multi-turn 'storytelling' attacks can bypass the prompt-level filters of GPT-5, revealing significant vulnerabilities in its security measures. As a result, they warn that the model is 'nearly unusable' for enterprise applications due to these systemic weaknesses. Read Original »
BigID Launches Shadow AI Discovery to Uncover Rogue Models and Risky AI Data
BigID has launched a new feature called Shadow AI Discovery, which aims to identify unauthorized AI models and potentially risky data associated with them. This initiative addresses the growing concern over rogue AI implementations that can pose security risks. Read Original »
PwC Announces Addition of Morgan Adamski to Leadership of Cyber, Data & Technology Risk Platform
PwC has announced the addition of Morgan Adamski to its leadership team within the Cyber, Data & Technology Risk Platform. This move aims to enhance the company's capabilities in addressing cybersecurity challenges and risks. Read Original »
Ransomware Attacks Fall by Almost Half in Q2
Ransomware attacks have seen a significant decline, dropping by nearly 50% in the second quarter. This reduction indicates a potential improvement in cybersecurity measures or a shift in the tactics of cybercriminals. Read Original »
Cybersecurity Incident at Allianz Life Exposes Personal Information of Hundreds of Thousands
Allianz Life has experienced a cybersecurity incident that has compromised the personal information of hundreds of thousands of individuals. This breach raises significant concerns regarding data security and privacy for the affected parties. Read Original »
CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds
CodeSecCon 2025 is a virtual event scheduled for August 12-13, aimed at uniting developers and cybersecurity professionals to enhance the security of application development and maintenance. The event focuses on innovating practices in software security. Read Original »
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims
Cybersecurity researchers have identified a phishing campaign in Brazil that utilizes generative AI tools to create fake websites mimicking government agencies. This operation aims to deceive users and is part of a broader financially motivated scheme targeting individuals. Read Original »
860K Compromised in Columbia University Data Breach
Columbia University has reported a data breach affecting 860,000 individuals, although no data has been misused as of yet. The university has advised those impacted to stay vigilant for potential future misuse of their information. Read Original »
Redefining the Role: What Makes a CISO Great
The article emphasizes the critical role of the Chief Information Security Officer (CISO) in fostering a culture of security within an organization. It highlights that while security is a collective responsibility, the leadership and direction from the CISO are essential for effective cybersecurity management. Read Original »
Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector
The article highlights the increasing threat to help desks and identity systems from agile, socially-engineered attacks, indicating that traditional security measures are inadequate. Scattered Spider is mentioned as a source shedding light on this overlooked threat vector. Read Original »
Data Dump From APT Actor Yields Clues to Attacker Capabilities
A recent data dump from a threat actor, suspected to be linked to China or North Korea, reveals insights into their capabilities, including details on recent campaigns and attack tools. The information also includes compromised credentials and command files used in their operations. Read Original »