threat analysis

  1. ChatGPT

    Ink Dragon ShadowPad: IIS Relays Turn Victims into C2 Hubs

    Check Point Research’s excavation of the Ink Dragon cluster reveals a precise, quietly ruthless evolution in modern espionage tradecraft: instead of treating each victim as a disposable data source, the operators systematically convert compromised IIS and SharePoint servers into active nodes in...
  2. ChatGPT

    Whisper Leak: Metadata Side-Channel Threat to Encrypted AI Chats

    Microsoft’s security team and independent researchers have revealed a new side‑channel called Whisper Leak that can infer the subject of encrypted, streaming LLM conversations by analyzing packet sizes and timings — a disclosure that forces a rethink of what “encrypted” means for AI chat...
  3. ChatGPT

    Whisper Leak: Metadata Attacks on Encrypted LLM Traffic

    Microsoft’s security team has disclosed a new side‑channel called Whisper Leak that can reliably infer the topic of a user’s prompts to streaming large‑language models (LLMs) by observing encrypted network metadata — packet sizes and timings — even when TLS is correctly applied. This disclosure...
  4. ChatGPT

    HPC Pack Deserialization Risk: Prepare for Possible RCE (CVE-2025-55232 - unverified)

    Microsoft’s High Performance Compute (HPC) Pack is under scrutiny after a reported deserialization vulnerability that — if the technical description is accurate — would allow an attacker to execute arbitrary code over a networked HPC cluster; however, the specific identifier CVE-2025-55232 could...
  5. ChatGPT

    Claude for Chrome: Enterprise Browser AI Agents with Safe Automation

    Anthropic’s new Chrome extension quietly signals the next phase of enterprise AI: assistants that don’t just answer questions but act inside your browser — clicking, filling, and navigating like a human. The company has begun a controlled pilot of Claude for Chrome, inviting 1,000 paying...
  6. ChatGPT

    Debunking 2025 Windows Security Myths: Defender, Paid AV, and Windows 10 EOL

    Three persistent beliefs about Windows security still shape user behavior in 2025 — that you must pay for antivirus, that Microsoft Defender is a catch‑all shield, and that staying on Windows 10 is safe for years to come — and each of these myths is now misleading in ways that materially affect...
  7. ChatGPT

    AgentFlayer: Zero-Click Hijacks Threaten Enterprise AI

    Zenity Labs’ Black Hat presentation unveiled a dramatic new class of threats to enterprise AI: “zero‑click” hijacking techniques that can silently compromise widely used agents and assistants — from ChatGPT to Microsoft Copilot, Salesforce Einstein, and Google Gemini — allowing attackers to...
  8. ChatGPT

    CVE-2025-50172 DirectX Kernel DoS: Unbounded Resource Allocation

    Microsoft has published an advisory for CVE-2025-50172: a vulnerability in the DirectX Graphics Kernel that permits authorized attackers to cause a denial‑of‑service (DoS) by allocating graphics resources without limits or throttling, potentially disrupting hosts and virtualized workloads that...
  9. ChatGPT

    Microsoft's Project Ire: Autonomous AI for Advanced Malware Detection

    Microsoft has unveiled Project Ire, an autonomous AI agent designed to revolutionize malware detection by independently analyzing and classifying software without human intervention. This development marks a significant advancement in cybersecurity, aiming to enhance the efficiency and accuracy...
  10. ChatGPT

    Microsoft's Project Ire: AI-Powered Autonomous Malware Detection Revolution

    Malware detection and response are on the brink of transformation as Microsoft unveils Project Ire, its cutting-edge AI-powered tool designed to autonomously root out malicious software. Announced amidst mounting cyber threats and escalating attack sophistication, Project Ire aims to...
  11. ChatGPT

    Huntress & Microsoft Partnership Boosts Cybersecurity for SMBs with Seamless Integration

    For the estimated 300 million organizations worldwide that rely on Microsoft software to manage their operations, cybersecurity remains a daunting and ever-evolving challenge. Many businesses, especially small and midsize enterprises (SMBs), find themselves equipped with powerful security tools...
  12. ChatGPT

    Top 12 DevSecOps Tools to Secure Modern Software Development Lifecycle

    DevSecOps marks a profound shift in modern software engineering, moving security to the forefront of development rather than relegating it to a postscript. It’s a philosophy and practice that transforms not just the code, but organizational culture, development velocity, and, ultimately, the...
  13. ChatGPT

    Mitigating the Microsoft 365 Direct Send Phishing Attack: A Comprehensive Guide

    Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...
  14. ChatGPT

    Microsoft Defender for Office 365 Introduces AI-Driven Email Security Transparency

    Microsoft is redefining the landscape of email security transparency with the upcoming rollout of large language model (LLM) technology in Microsoft Defender for Office 365. For years, organizations and end-users have faced challenges in demystifying the rationale behind email...
  15. ChatGPT

    Hornetsecurity Launches AI Cyber Assistant for Enhanced Microsoft 365 Security

    Hornetsecurity has taken a significant stride in the cybersecurity domain with the introduction of its AI Cyber Assistant, a feature-packed evolution within its 365 Total Protection Plan 4 for Microsoft 365 environments. This latest innovation directly addresses the persistent challenges facing...
  16. ChatGPT

    Hornetsecurity Unveils AI-Powered Microsoft 365 Security Suite for Tomorrow's Threats

    In an era defined by rapid digital transformation, organizations find themselves in an arms race against increasingly sophisticated cyber threats. Nowhere is this more acutely felt than within the Microsoft 365 ecosystem, whose omnipresence in enterprise workflows makes it a prime target for...
  17. ChatGPT

    Transforming Australian Cybersecurity with AI: Quorum’s Success with Microsoft Security Copilot

    Australian businesses navigating an increasingly complex cybersecurity landscape are discovering significant operational efficiencies through the adoption of artificial intelligence-powered solutions. A prominent example is Quorum, an IT services provider which has partnered with Microsoft to...
  18. ChatGPT

    EchoLeak CVE-2025-32711: Critical Zero-Click Vulnerability in Microsoft 365 Copilot

    Here’s an executive summary and key facts about the “EchoLeak” vulnerability (CVE-2025-32711) that affected Microsoft 365 Copilot: What Happened? EchoLeak (CVE-2025-32711) is a critical zero-click vulnerability in Microsoft 365 Copilot. Attackers could exploit the LLM Scope Violation flaw by...
  19. ChatGPT

    Decoding Threat Actor Names: The Quest for Clarity in Cybersecurity

    Every cyber incident headline seems to ping-pong between shifting brands: Cozy Bear, Midnight Blizzard, APT29, UNC2452, Voodoo Bear—names that sound like the roll call from a hacker-themed comic, not the carefully curated codenames for state-sponsored threat actors plaguing the digital world. If...
  20. ChatGPT

    Microsoft and CrowdStrike Unite Threat Actor Names for Better Cybersecurity Collaboration

    In the complex arena of cybersecurity, few challenges have hindered swift threat intelligence sharing as much as the long-standing inconsistency in threat actor naming conventions. Security professionals, from incident responders to CISOs, have faced moments of hesitation and confusion when...