Cybersecurity

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

3 minute read

News

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security.

byDeeba Ahmed

June 12, 2025

US Tops List of Unsecured Cameras Exposing Homes and Offices

3 minute read

Security

US Tops List of Unsecured Cameras Exposing Homes and Offices

A BitSight report reveals over 40,000 internet-connected security cameras globally are exposed, streaming live footage without protection. Learn how common devices, from home cameras to factory surveillance, pose privacy and security risks and get simple tips to secure your own.

byDeeba Ahmed

June 12, 2025

CISA Warns of Serious Remote Control Risks in SinoTrack Vehicle Trackers

2 minute read

Security

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

The US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations. Discover the vulnerabilities and essential steps to secure your device.

byDeeba Ahmed

June 11, 2025

Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days

2 minute read

Security

Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days

AppOmni research reveals over 20 security vulnerabilities, including zero-days, in the Salesforce Industry Cloud. Learn about critical risks, customer responsibilities, and how to protect sensitive data.

byDeeba Ahmed

June 11, 2025

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active Zero-Day

3 minute read

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day

June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.

byWaqas

June 10, 2025

3 minute read

Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw

Akamai's latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.

byDeeba Ahmed

June 10, 2025

4 minute read

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

byOwais Sultan

June 10, 2025

How LMS Software Supports Secure Online Employee Learning

4 minute read

Technology

How LMS Software Supports Secure Online Employee Learning

Explore how learning management systems (LMS) software supports safe online learning, protects employee data, and ensures compliance in…

byOwais Sultan

June 10, 2025

3 minute read

Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api.

byWaqas

June 9, 2025

3 minute read

Limited Canva Creator Data Exposed Via AI Chatbot Database

A Chroma database operated by Russian AI chatbot startup My Jedai was found exposed online, leaking survey responses…

byWaqas

June 9, 2025

The Latest

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

US Tops List of Unsecured Cameras Exposing Homes and Offices

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

Cybersecurity

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

US Tops List of Unsecured Cameras Exposing Homes and Offices

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day

Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks

How LMS Software Supports Secure Online Employee Learning

Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

Limited Canva Creator Data Exposed Via AI Chatbot Database

Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment for Enterprises

Aembit Extends Workload IAM to Microsoft Ecosystem, Securing Hybrid Access for Non-Human Identities

Flowable’s Smart Automation Tools Are Reshaping How Enterprises Operate in 2025

Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari

INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia