Google Cloud and Cloudflare are investigating ongoing outages impacting access to sites and various services across multiple regions. […] Go to Source Author: Sergiu Gatlan
Author Archives: Onsite Computing, Inc.
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that’s designed to distribute malicious content. “VexTrio is a group of malicious adtech companies that distribute scams and […]
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. […] Go to Source Author: Bill Toulas
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. […] Go to Source Author: Bill Toulas
To truly future-proof your cybersecurity approach, it’s vital to ensure that your security program is flexible and adaptable to both current and future business demands. Go to Source Author: Brent Stackhouse
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change. “The TokenBreak attack targets a text classification model’s tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented […]
Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. […] Go to Source Author: Sergiu Gatlan
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention. Behind every AI agent, chatbot, or automation script lies a growing number of non-human […]
GitLab has released security updates to address multiple vulnerabilities in the company’s DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in future pipelines. […] Go to Source Author: Sergiu Gatlan
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already […]