News

Introducing Sophos Intelix for Microsoft 365 Copilot

Bys s December 5, 2025

Bringing Sophos threat intelligence directly into Microsoft 365 Copilot.

News

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
Bys s May 19, 2025

Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below – CVE-2025-4918 – An out-of-bounds access vulnerability when resolving Promise objects…

Read More Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs
Bys s November 10, 2025

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code (VS Code) ecosystem. The extensions in question, which are still available for download, are listed below – ai-driven-dev.ai-driven-dev (3,402 downloads) adhamu.history-in-sublime-merge (4,057

Read More GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs
News

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Bys s November 14, 2025

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization,”

Read More Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
News

Cybersecurity Information Sharing Act of 2015 Reauthorized Through September 2026
Bys s February 11, 2026

Ashden Fein, Jess Gonzalez Valenzuela, Analese Bridges, John Webster Leslie, and Claire O’Rourke of Covington and Burling write: The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provides liability protections and other safeguards for sharing certain cybersecurity information with the U.S. federal government and private entities, was reauthorized as part of the funding bill……

Read More Cybersecurity Information Sharing Act of 2015 Reauthorized Through September 2026
News

Help, please: Seeking copies of the PowerSchool ransom email(s)
Bys s June 11, 2025

Help, please: If anyone has a copy of the ransom note sent to PowerSchool in December 2024 or to PowerSchool clients on or about May 7, 2025, please email me a copy or upload it to me on Signal. I want to see not only the body, but the full header and signature. To reach…

Read More Help, please: Seeking copies of the PowerSchool ransom email(s)
News

Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel
Bys s November 4, 2025

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. “Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised

Read More Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel

Similar Posts