When headlines broke this September about the world’s largest supply-chain attack yet on the popular open source Chalk and Debug libraries, skeptics were quick to […]
Gen AI success requires an AI champions network
Getting an enterprise-grade generative AI platform rolled out is a milestone, but it’s just the entry point. Sustained, distributed adoption doesn’t come from tool access. […]
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May […]
Ransomware-Bande missbraucht Microsoft-Zertifikate
Kontinuierlich offenstehende Hintertüren sind für Cyberkriminelle ein Freifahrtschein. Dada Leee | shutterstock.com Die Ransomware-Bande Rhysida ist speziell im Unternehmensumfeld berüchtigt. Nun scheint das kriminelle Hacker-Kollektiv […]
Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit
Google’s artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the […]
‘SleepyDuck’ Malware in Open VSX Lets Attackers Remotely Control Windows PCs
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code editors […]
Malicious PuTTY Ads Deliver OysterLoader, Allowing Attackers Full Device and Network Access
The Rhysida ransomware gang has been running a sophisticated malvertising campaign that delivers OysterLoader malware through deceptive search engine advertisements, giving attackers complete access to […]
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel
Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. “Instead of relying […]
Microsoft’s WSUS Patch Causes Hotpatching Failures on Windows Server 2025
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was […]
SesameOp: Using the OpenAI Assistants API for Covert C2 Communication
Microsoft’s Detection and Response Team has exposed a sophisticated backdoor malware that exploits the OpenAI Assistants API as an unconventional command-and-control communication channel. Named SesameOp, […]