Microsoft: ‘Summarize With AI’ Buttons Used To Poison AI Recommendations via @Sejournal, @MattGSouthern
Microsoft’s Defender Security Research team unveiled a new threat called “AI Recommendation Poisoning,” where website buttons labeled “Summarize with AI” embed hidden prompt‑injection instructions. Clicking these buttons feeds AI assistants a URL‑encoded command that tells the model to remember the site as a trusted source, subtly biasing future citations. The study logged 50 distinct attempts from 31 legitimate companies over 60 days, using tools like CiteMET and AI Share URL Creator. Microsoft has added Copilot defenses and hunting queries for Defender for Office 365 to detect the abuse.
AI Empowers Cyber Criminals. Could It Also Help Schools Fight Them?
School districts are experimenting with generative and agentic AI to bolster cybersecurity, but results are mixed. While vendor‑built AI features provide more reliable insights than generic models, many districts still rely on traditional tools due to staffing and budget constraints....
One Billion Identity Records Exposed in Unsecured ID Verification Database
A cloud‑based identity verification database tied to IDMerit was found exposed without password protection or encryption, leaking roughly one billion personal records across at least 26 countries. The trove, estimated at one terabyte, contained names, dates of birth, addresses, phone...
Your Own Voice Could Be Your Biggest Privacy Threat. How Can We Stop AI Technologies Exploiting It?
Researchers at Aalto University warn that AI-driven voice analysis can extract sensitive personal data—from political views to health conditions—simply from speech patterns. Their study, published in IEEE Proceedings, highlights risks such as price‑gouging, discriminatory profiling, and stalking if corporations or...
Microsoft: Critical Security Issue Found in Windows Notepad
Microsoft patched a high‑severity vulnerability (CVE‑2026‑20841) in the modern Windows Notepad app that adds Markdown support. The flaw allows remote code execution when a user opens a malicious .md file and clicks a crafted link. The issue affects only the...
Cynet’s MacKenzie Brown: ‘MSPs Don’t Need Drama. They Need Clarity And Process.’
Cynet has hired MacKenzie Brown as Vice President of Threat Intelligence Strategy to turn the vendor’s global telemetry into a practical, operational threat‑intelligence system for managed service providers (MSPs). Brown emphasizes moving beyond generic monthly reports toward actionable, tactical intel...
The 25 Most Vulnerable Passwords of 2026
Plasma’s 2026 study identified the 25 most vulnerable passwords based on global search volume and common‑password lists. “password” led the list with over 10 million searches, followed by “admin”, “qwerty”, and other simple sequences. The research also highlighted ten insecure password...
NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
NIST announced a chip that reliably generates a single photon on demand using quantum‑dot technology. The device achieves near‑perfect efficiency and, when paired with superconducting nanowire single‑photon detectors, can transmit photons up to 600 miles. Mass‑production of the chip is...
Why the Shift Left Dream Has Become a Nightmare for Security and Developers
The article argues that the long‑standing "shift‑left" mantra has backfired, overloading developers with security tasks while business demands prioritize speed. Qualys analyzed 34,000 public container images and found 7.3% malicious, many containing cryptomining code or exposed secrets. This risk stems...
There’s Always Something: Secrets Detection at Engagement Scale with Titus
Praetorian released Titus, an open‑source secret scanner built in Go that runs as a CLI, library, Burp Suite, or Chrome extension. It inherits Nosey Parker’s 450+ detection rules and adds binary file extraction and a validation framework that confirms whether...
Liquibase Secure 5.1 Closes Gap in Data Platform Security, Compliance, and AI Readiness
Liquibase announced Secure 5.1, extending its modeled change‑control framework to Snowflake’s control plane. The release treats Snowflake access, sharing, and cost‑control changes as first‑class, auditable objects, enabling policy enforcement, drift detection and automated rollback. Secure 5.1 also adds support for Databricks, MongoDB,...
Latin America's Cyber Maturity Lags Threat Landscape
Intel 471’s 2025 report shows Latin America’s cyber‑maturity is improving but the region faces a rapidly intensifying threat landscape. Ransomware incidents jumped 78% year‑over‑year, with more than 450 breaches recorded, while Brazil alone accounted for 30% of ransomware and extortion attacks....
LLMs Change Their Answers Based on Who’s Asking
A MIT Center for Constructive Communication study reveals that leading large language models—GPT‑4, Claude 3 Opus, and Llama 3‑8B—alter answer quality based on perceived user traits. When prompted with biographies suggesting lower education, non‑native English proficiency, or foreign nationality, all three models show...
From IT Controls to Engineering Resilience: Rethinking Smart Building Cybersecurity
Smart building operators are importing IT‑centric cybersecurity controls—encryption, authentication, zero‑trust—into legacy automation systems, but these measures can unintentionally disrupt deterministic control loops. A real‑world HVAC example shows a missed certificate renewal causing controllers to stop responding, leaving occupants uncomfortable and...
San Jose Slow to Tell Workers About Data Breach
San Jose city officials disclosed that a lost USB drive may have exposed Social Security numbers of current and former employees. The breach occurred on Jan. 9, but the city delayed notifying affected workers, providing no estimate of how many were...
Loan Applications, Drivers Licences, Personal Data of 440k Aussies Exposed After Hacker Hits Sydney Finance Tech Company youX
Australian fintech platform youX confirmed an unauthorized intrusion that exposed personal data of approximately 440,000 Australians. The stolen information includes loan applications, driver’s licence details and other identifying data. The breach was disclosed following the company’s internal investigation and reported...
Future-Proofing Virtual Desktops: What IT Leaders Need to Plan for Now
IT leaders are re‑evaluating desktop strategies as demand becomes erratic, security standards tighten, and AI reshapes workloads. Future‑proofing requires elastic provisioning, centralized Zero‑Trust controls, and continuous automation rather than periodic overhauls. The article argues that operational efficiency and flexible platforms...
PayPal Discloses Data Breach that Exposed User Info for 6 Months
PayPal disclosed a data breach affecting its Working Capital loan application, where personal information—including Social Security numbers—was exposed from July 1 to December 13, 2025. The company identified the issue on December 12, 2025, rolled back the faulty code, and halted unauthorized access within a...
The Modern Desktop Reset: Why UK IT Leaders Are Rethinking End-User Computing
UK IT leaders are abandoning traditional on‑premises desktops and legacy VDI in favor of Desktop‑as‑a‑Service (DaaS) to meet evolving security, cost and hybrid‑work demands. DaaS, especially Microsoft’s Azure Virtual Desktop and Windows 365, offers scalable, cloud‑native environments that align spend with...
Ready to Move On: How to Evaluate, Select, and Deploy Modern Email Security
The article guides MSPs on replacing legacy security email gateways (SEGs) with modern, API‑native email security platforms that operate inside Microsoft 365 and Google Workspace. It stresses the need for behavioral, AI‑driven detection rather than static signatures, and outlines key vendor...
The Illusion of Choice in Enterprise Desktop Strategy
Enterprises are finding that desktop‑OS choices in 2026 are no longer a tactical IT decision but a forced strategic commitment driven by the Windows 10 end‑of‑support deadline, costly Windows 11 upgrades, and the tax‑like Extended Security Updates (ESU). The pressure to meet...
Dramatic Escalation in Frequency and Power of DDoS Attacks
The Radware 2026 Global Threat Analysis Report reveals a 168% jump in DDoS attacks in 2025 versus 2024, with customers averaging 139 attempted incidents per day. Technology, telecommunications and financial services bore the brunt, the tech sector alone accounting for...
CharlieKirk Grabber Malware Targets Windows Systems to Steal Login Credentials
CharlieKirk Grabber is a new Python‑based Windows infostealer first seen in February 2026. It rapidly harvests credentials from Chromium and Firefox browsers, Wi‑Fi profiles, Discord tokens, and gaming sessions, then packages the data into a ZIP archive for exfiltration via...
Hackers Breach Contractor Linked to Ukraine’s Central Bank Collectible Coin Store
Ukraine’s National Bank temporarily shut down its online collectible‑coin store after a cyberattack compromised customer registration data. Attackers accessed personal details such as names, phone numbers, email and delivery addresses through a contractor that supports the storefront, but no financial...
Netzilo AI Edge Delivers Enterprise-Grade Visibility, Sandboxing, and Governance for OpenClaw Agents
Netzilo announced the launch of AI Edge, a platform that gives enterprises full visibility, sandboxing, and governance over OpenClaw autonomous agents. The solution captures LLM communications, tool‑call chains, file system activity, and local agent actions, feeding them into a behavioral...
Fincite Secures ISO 27001 Certification
FinCite, a provider of end‑to‑end investment advisory software, has achieved ISO 27001 certification, confirming its information security management system meets global standards. The certification spans the company’s entire operational backbone, including cloud infrastructure, development lifecycles, and client‑facing services such as onboarding...
Why Most Breaches Happen After Launch: SaaS Security Testing Best Practices
Most SaaS breaches occur after launch because security efforts often wane while the attack surface expands. Post‑deployment misconfigurations, rapid feature releases, and third‑party integrations introduce new vulnerabilities that go unnoticed without continuous testing. StrongBox IT and similar providers advocate ongoing vulnerability...
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
Identity cyber scores are emerging as the primary metric insurers use to underwrite cyber‑insurance policies in 2026. Insurers now scrutinize password hygiene, privileged‑access management and MFA coverage, linking weak identity controls to higher breach likelihood and premium costs. The global...
Global Alliance Emphasizes Operational Resilience and Verification Practices in Digital Account Management
Global Alliance announced enhanced operational safeguards for its digital platform, including multi‑factor authentication (MFA) for logins and sensitive actions. The firm now requires verification checkpoints before adding external withdrawal destinations, tightening outbound transaction controls. Real‑time data backups and DDoS mitigation...
What the Nike Breach Teaches Us About the Microsegmentation Imperative of Integrating with EDR
On January 22, 2026 Nike disclosed that 1.4 terabytes of R&D, supply‑chain and pricing data were posted on the WorldLeaks leak site. The breach, driven by compromised VPN credentials, bypassed traditional endpoint detection and highlighted the rise of value‑chain extortion. WorldLeaks,...
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Israel’s National Cyber Directorate disclosed that roughly two petabytes—equivalent to 100 National Library of Israel archives—have been exfiltrated from citizens and institutions over recent years. The breach scale eclipses prior megabyte‑ and terabyte‑level incidents, marking an unprecedented data loss. Concurrently,...
Discover Network Shows How Sharing Data Can Turn the Tide on Fraud
Fraud is evolving into a fast‑moving, AI‑driven threat across e‑commerce, payments and identity, outpacing traditional, institution‑by‑institution defenses. Discover Network argues that sharing data through a consortium enables real‑time signal aggregation, tokenization and enhanced decisioning to spot patterns no single bank...
AI-Empowered Cybersecurity: Key Events and Emerging Trends in 2025
In September 2025 Anthropic disclosed the world’s first autonomous AI‑driven cyberattack, where an AI system executed 80‑90% of the malicious workflow with only a handful of human interventions. The attackers masqueraded as a cybersecurity firm, using Claude Code and the Model...
Apple Updates iPhones After Targeted Attacks
Apple released emergency updates for iOS, iPadOS, and macOS after a previously unknown memory‑corruption flaw in the dyld Dynamic Link Editor (CVE‑2026‑20700) was found being actively exploited. The vulnerability, uncovered by Google’s Threat Analysis Group, was used alongside two earlier...
Security Compass Brings Policy-Driven Security and Compliance to Agentic AI Development
Security Compass unveiled SD Elements for Agentic AI Workflow, a platform that embeds policy‑driven security and compliance checks directly into AI‑assisted software development. The solution automatically generates, validates, and records evidence that both human developers and autonomous AI agents adhere to...
AI in the SOC: Why Complete Autonomy Is the Wrong Goal
Artificial intelligence is reshaping security operations, but experts argue that a fully autonomous SOC is impractical. Dan Petrillo of BlueVoyant stresses that AI should augment analysts, handling high‑volume tasks like alert triage while humans retain decision‑making authority. Real‑world constraints—noisy data,...
Krikey AI Achieves SOC2 Compliance, Strengthening Security Assurance for Its Professional AI Animation Generator
Krikey AI announced it has earned SOC2 Type II certification and Amazon Web Services Nonprofit and Education competency badges, confirming its 3D animation generator meets rigorous security and operational standards. The certifications validate institutional‑grade data protection for enterprises, schools, and nonprofit...
The CISO View of Fraud Risk Across the Retail Payment Ecosystem
In a Help Net Security interview, Paul Suarez, VP and CISO of Casey’s, explains that fuel‑payment hardware receives the same disciplined patching and modernization approach as other retail technology. He warns that QR‑code payment methods create fresh fraud opportunities, prompting...
Applying Green Energy Tax Policies to Improve Cybersecurity
Governments are proposing to mirror green‑energy tax incentives to boost cybersecurity, pairing financial rewards with a digital trust label similar to ENERGY STAR. The model would grant tax credits or rebates to firms that achieve the label, encouraging security‑by‑design across...
Google Threat Intelligence Report Highlights Growing Adversarial Exploitation of AI
Google’s Threat Intelligence Group released a new report detailing how adversarial AI is increasingly weaponized against enterprises. The study highlights a surge in model‑extraction attacks, where threat actors query commercial LLMs like Gemini to create compact replicas, and documents AI‑enhanced...
Bell Cyber and Radware Expand AI-Driven, Cloud-Delivered Security Services
Bell Cyber and Radware have launched an AI‑driven, cloud‑delivered security service that merges Radware’s machine‑learning application protection with Bell Cyber’s fully managed SOC operations. The offering safeguards web applications, APIs, bots and DDoS attacks for ERP and SaaS environments while...
Former Google Engineers Indicted Over Trade Secret Transfers to Iran
Two former Google engineers and a spouse were indicted for allegedly stealing trade secrets related to Google’s Tensor processor and other hardware designs, then transferring the data to Iran. The defendants used personal devices, messaging channels, and manual photographs to...
HHS OCR Settles HIPAA Security Rule Investigation with Top of the World Ranch Treatment Center
The U.S. Department of Health and Human Services Office for Civil Rights settled with Top of the World Ranch Treatment Center after a phishing attack exposed ePHI for 1,980 patients. OCR fined the provider $103,000 and imposed a two‑year corrective...
Thomas Peer on Building Long-Term Relationships and Trust
Thomas Peer Solutions has teamed with Wasabi to deliver immutable cloud‑based backups that protect enterprise data against ransomware and other disruptions. CEO Udara Dharmadasa emphasizes selling the solution to C‑suite executives by framing it in terms of risk mitigation, ROI...
New Phishing Campaign Tricks Employees Into Bypassing Microsoft 365 MFA
A new phishing campaign is leveraging the OAuth 2.0 device authorization grant to sidestep Microsoft 365 multi‑factor authentication. Attackers send emails that appear to reference payments, bonuses or voicemails, then direct recipients to a genuine Microsoft login page where a...
GitLab Extends Omnibus Package Signing Key Expiration to 2028
GitLab announced that the GPG key used to sign its Omnibus packages will now expire on February 16, 2028, extending the previous 2026 deadline. The key, which authenticates package integrity across CI pipelines, remains separate from repository metadata signing keys...
Security as a Service Enhances Federal Cybersecurity and Improves Scalability
Federal agencies are increasingly turning to Security as a Service (SECaaS) to maintain cyber defenses amid staffing cuts and the recent shutdown. The Navy, VA, Energy, Justice and Homeland Security rely on FedRAMP‑authorized AWS and Azure tools such as GuardDuty,...
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
Chiplet technology is reshaping semiconductor design by allowing modular, mix‑and‑match silicon components, accelerating AI data‑center and autonomous‑vehicle development. However, the distributed manufacturing model creates new supply‑chain vulnerabilities, as a single compromised chiplet can introduce hardware Trojans that affect entire systems....
Meriden, Connecticut Shuts Down City Internet After Disruption Attempt
Meriden, Connecticut, temporarily shut down its municipal internet and public Wi‑Fi after detecting an attempted cyber disruption. The city’s IT department isolated the network within minutes, limiting impact to non‑essential municipal operations while emergency services remained functional. Police have opened...
NSA Issues Guidelines on Zero Trust Architecture
The National Security Agency has issued a two‑phase Zero Trust Implementation Guidelines to help organizations adopt zero‑trust architecture in line with Department of Defense standards. The guidance details specific activities and requirements, acknowledging that implementation can be resource‑intensive and costly....
