Author: Harish
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages. “Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Callie Hinman Baron and Piotr Wojtyla said in a Tuesday analysis. The attack chain commences with a phishing email, in some cases sent from legitimate, compromised email accounts, to entice message recipients into opening an embedded PDF document. In reality, the PDF attachment is nothing but a hyperlink that, when clicked, redirects…
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected security gaps, attackers can establish a foothold, leveraging these weaknesses to penetrate the primary business partners’ network. From there, they move laterally through critical systems, ultimately gaining access to sensitive data, financial assets, intellectual property, or even operational controls. Recent high-profile breaches like the 2024 ransomware attack that hit Change…
Microsoft has enabled a new “computer use” feature for Copilot Studio this week that lets AI agents interact with websites and desktop applications. Much like OpenAI’s Operator or Claude’s identically named “computer use” feature, businesses will be able to use Copilot Studio to build AI agents that treat websites and desktop apps as if they’re tools for automating tasks.“Computer use enables agents to interact with websites and desktop apps by clicking buttons, selecting menus, and typing into fields on the screen,” explains Charles Lamanna, corporate vice president of Microsoft’s business & industry Copilot. “This allows agents to handle tasks even…
Artificial intelligence services at their heart are massive data plays: You need data — a lot of it — to build the models, and then the models need efficient ways to ingest and output data to work. A company called Hammerspace has built a system to help AI and other organizations tap into data troves with minimal heavy lifting, and it’s been seeing impressive adoption. Now, with customers including Meta and the Department of Defense, as well as other very recognizable names, Hammerspace is announcing $100 million in funding to expand its business. The funding is being described as a…
Artificial intelligence services at their heart are massive data plays: You need data — a lot of it — to build the models, and then the models need efficient ways to ingest and output data to work. A company called Hammerspace has built a system to help AI and other organizations tap into data troves with minimal heavy lifting, and it’s been seeing impressive adoption. Now, with customers including Meta and the Department of Defense, as well as other very recognizable names, Hammerspace is announcing $100 million in funding to expand its business. The funding is being described as a…
Apr 16, 2025Ravie LakshmananCyber Espionage / Network Security Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. “The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published earlier in the week. “This could allow lateral movement, enabling attackers to enter deeper into compromised networks, allowing them to control more systems or gain access to sensitive data. The campaign has been attributed with medium confidence…
When the Breakthrough Prize, founded by Facebook, Apple, and Google moguls and sometimes called “the Oscars of Science” by people who want that to be true, invited a comedian to present one of its awards it probably should have expected a few topical jokes. Remarks made by Seth Rogen during the April 5th livestream about the high-profile tech titans supporting Trump may have ruffled a few feathers, however, and have been scrubbed from the “full video” upload of the ceremony.“It’s amazing that others in this room underwrote electing a man who, in the last week, single-handedly destroyed all of American…
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and credential misconfigurations caused 80% of security exposures. Subtle signs of a compromise get lost in the noise, and then multi-stage attacks unfold undetected due to siloed solutions. Think of an account takeover in Entra ID, then privilege escalation in…
Google on Wednesday said it suspended 39.2 million advertiser accounts on its platform in 2024 — more than triple the number from the previous year — in its latest crackdown on ad fraud. By leveraging large language models (LLMs) and using signals such as business impersonation and illegitimate payment details, the search giant said it could suspend a “vast majority” of ad accounts before they ever served an ad. Last year, Google launched over 50 LLM enhancements to improve its safety enforcement mechanisms across all its platforms. “While these AI models are very, very important to us and have delivered a series…
Update April 16, 10:50 am UTC: This article has been updated to clarify the relationship between Astar and Soneium.Astar, a Japanese Web3 adoption collective bridging Astar Network and Soneium, said it has slashed Soneium’s blockchain finality time by over 98%, as it aims to solve one of the biggest challenges in blockchain scalability.Astar announced a strategic partnership with AltLayer and EigenLayer, to launch a “Fast Finality Layer” for Soneium, a Layer-2 (L2) blockchain network developed by Sony Block Solutions Labs.In blockchain settlement, finality is the assurance that a transaction is irreversible, which happens after it is added to a block…