2+ hour, 8+ min ago  (586+ words) Frontend cloud platform Vercel, the creator of Next. js and Turbo. js, has warned about a data breach after a compromised third-party AI application abused OAuth to access its internal systems. A Vercel employee used the third party app, identified…...

2+ hour, 7+ min ago  (811+ words) Attackers are increasingly exploiting enterprise collaboration platforms such as Microsoft Teams to gain initial access, impersonating IT helpdesk staff and persuading employees to grant remote control, according to new research from Microsoft. In a blog post, Microsoft described a "cross-tenant…...

5+ hour, 10+ min ago  (482+ words) Shweta has been writing about enterprise technology since 2017, most recently reporting on cybersecurity for CSO online. She breaks down complex topics from ransomware to zero trust architecture for both experts and everyday readers. She has a postgraduate diploma in journalism…...

3+ day, 3+ min ago  (490+ words) Shweta has been writing about enterprise technology since 2017, most recently reporting on cybersecurity for CSO online. She breaks down complex topics from ransomware to zero trust architecture for both experts and everyday readers. She has a postgraduate diploma in journalism…...

4+ day, 5+ hour ago  (1025+ words) Nitin Raina's career history resembles that of many CISOs: He worked in IT infrastructure, operations, and services before moving into security and advancing through the ranks. He's now global chief information security officer at technology consultancy Thoughtworks. But in a…...

2+ mon, 2+ week ago  (935+ words) Most security leaders believe they know where their sensitive data lives and how it is protected. That confidence is increasingly misplaced. This shift has happened quickly. In many organizations, AI systems have moved from pilot projects to core infrastructure in…...

3+ week, 3+ day ago  (501+ words) The European Commission is continuing to investigate the theft of data from its cloud infrastructure earlier this week. On Thursday, the Commission revealed there had been an attack on its Europa. eu platform, offering few details, then, on Friday, security…...

1+ mon, 3+ week ago  (676+ words) Google has disrupted a China-linked espionage group that used Google's spreadsheet application as a covert spy tool to compromise telecom providers and government agencies across 42 countries, sending commands and receiving stolen data through it, Google's Threat Intelligence Group (GTIG) said…...

2+ day, 15+ hour ago  (335+ words) Seemingly harmless Chrome extensions aimed at improving browser privacy and analytics could be inadvertently leaking API keys, secrets, and other sensitive machine information." According to a Symantec research, several widely used Chrome extensions, including Dual Safe Password Manager and Avast…...

3+ mon, 23+ hour ago  (344+ words) Once the browser becomes unusable, victims are presented with a fake "repair" prompt instructing them to paste and execute a command to resolve the issue. According to Huntress" analysis, the malicious extension does not immediately perform malicious actions. Instead, it…...