One Exposed Command Unraveled Three Microsoft 365 Phishing Campaigns

A single exposed command let researchers unravel three long-running Microsoft 365 phishing campaigns, while Meta filed a patent for an AI that would log your emotional state all day and researchers found a flaw letting attackers hijack Google Dialogflow chatbots across a cloud project. Here’s this week’s malware landscape.

Read more

Treasury Sanctions Ransomware Infrastructure as Silent Ransom Group Hits in Under an Hour

Treasury sanctioned a VPN provider and a malware-disguising “cryptor” seller that enabled ransomware attacks, while Google’s Mandiant revealed the Silent Ransom Group has compressed law firm attacks to under an hour. Combined with a confirmed fully autonomous AI ransomware attack, here’s this week’s ransomware roundup.

Read more

Claude Code Source Map Leak Exposes 500,000 Lines of Code as Arm Confirms Breach

A leaked source map exposed roughly 500,000 lines of Claude Code source code, while chip design giant Arm confirmed a breach and ServiceNow disclosed an API flaw exposing customer instance data. Here’s this week’s cybersecurity landscape, including a notarized macOS stealer that passed Apple’s own vetting.

Read more