microsoft (48)

Finding software vulnerabilities used to require teams of security researchers months of painstaking analysis.  Anthropic’s Claude Mythos does it automatically, and that’s exactly the problem.  The company admits no one, including itself, has built safeguards strong enough to prevent such models from being weaponized.  Yet Anthropic simultaneously promises to make “Mythos-class models” publicly available once it develops “far stronger safeguards.”[1]

When AI Outpaces Human Security Teams - Mythos

Two Microsoft zero-days affecting its Defender antimalware suite are being actively exploited to trigger denial-of-service (DoS) states on unpatched Windows devices. The first flaw, tracked as CVE-2026-41091 (CVSS: 7.8), is a privilege escalation vulnerability impacting the Microsoft Malware Protection Engine versions 1.1.26030.3008 and earlier. This engine provides scanning, detection, and cleaning functions for Microsoft’s native security software.  The vulnerability arises from an improper li

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code.  That reality is on full display this month, with some of the more widely used software makers, including Apple, Google, Microsoft, Mozilla, and Oracle, fixing near-record volumes of security bugs and/or quickening the tempo of their patch releases.[1]

As it does on the second Tuesday of every mon

Researchers at Varonis Threat Labs have disclosed a proof-of-concept attack technique that enables the silent exfiltration of outgoing emails from Microsoft 365 accounts using legitimate Outlook add-ins.  Named Exfil Out&Look, the method exploits Outlook Web Access (OWA) to intercept and transmit email content without generating forensic traces in audit logs.  The technique involves creating a custom Outlook add-in with standard web technologies, including a manifest file that specifies minimal

Microsoft is warning that the June expiration of software certificates will put those still using Windows 10 in an even more vulnerable state.  The software certificates deal with a feature called Secure Boot, which can prevent a PC from loading malicious code as the machine starts up.  Microsoft initially introduced the feature in 2011 with Windows 8 to ensure only trusted software runs during the boot process, warding off potential "pre-boot malware" threats.[1]

The problem is that “all Window

A long-running malware operation that has evolved over several years has been turning browser extensions in Chrome and Edge into spyware through updates that added malicious functionalities.  According to a report from Koi Security, the ShadyPanda campaign affects 4.3 million users who downloaded these now compromised browser extensions.

The ShadyPanda campaign consists of 20 malicious extensions on the Chrome Web Store and 125 in Edge; initial submissions of the extensions appeared in 2018, and

Microsoft Corporation issued security updates on 9 September 2025 to fix more than 80 vulnerabilities in its Windows operating systems and software.  There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label.  Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

Microsoft assigns security flaws a “critical”

Cyber-attacks are constantly being reported all over the world. Recently, a large cyberespionage operation was disclosed in which Microsoft's SharePoint server was targeted.  About 100 different organizations have fallen victim to this operation so far.  The attack was serious enough that Microsoft issued an alert in recent days, saying that active attacks are under way against its SharePoint server and that users must install security updates immediately.

This attack

 

If you are looking to plan a future vacation, take a minute to scrutinize hotel and travel service booking sites. Hotel and hostel workers are being tricked into downloading credential-stealing malware by cybercriminals impersonating Booking[.]com. In a phishing campaign that began in December 2024 and continued through February, the threat actors are targeting people in the hospitality industry across North America, Southeast Asia and Europe who are likely to work with Booking[.]com and to op

Cybercriminals are abusing a weakness in ASP.NET websites to remotely execute malicious code, according to Microsoft’s Threat Intelligence team, which has published an in-depth analysis of the new method.  In the article, Microsoft explained threat actors were injecting malicious code through a method called ViewState code injection attacks.

ViewState is a feature in ASP.NET websites that helps remember user input and page settings when the page is refreshed. It stores this information in a hidd

A new phishing campaign relies on legitimate links to trick victims into logging in and giving attackers control of their PayPal accounts. The phishing emails inform the intended victim of a payment request, providing legitimate-looking details, such as an amount and transaction ID, and even contain warnings that one would typically find in an email from PayPal. The messages come from a genuine PayPal address and include a genuine URL, which allows them to pass security checks and makes them app

Microsoft's Digital Crimes Unit is pursuing legal action to disrupt cybercriminals who create malicious tools that evade the security guardrails and guidelines of generative AI (GenAI) services to create harmful content.  According to a spokesman, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.[1]

See:  https://redskyalliance.org/xindustry/microsoft-s-new-copilot-ai-agents

According to an unsealed complaint

Security researchers have flagged a critical vulnerability in Microsoft’s multi-factor authentication (MFA) system, called “AuthQuake,” that could allow attackers to bypass protections and gain unauthorized account access.  Their report[1] details how the flaw required no user interaction, did not generate alerts, and took less than an hour to execute.  While multi-factor authentication (MFA) is a solid security mechanism, such flaws make it a double-edged sword due to the nature of the user’s r

Trustwave researchers have recently released a report about a phishing campaign they had been tracking that saw a significant increase in activity in August of 2024 and primarily targets Microsoft 365 users. This campaign has been linked to the phishing kit called Rockstar 2FA.  The Rockstar 2FA phishing kit has been deemed to be an updated version of the DadSec phishing kit. Microsoft tracks the threat actor behind these phishing kits under the moniker Storm-1575.

Rockstar operat

The Black Basta group is a Ransomware-as-a-Service (RaaS) provider that has been in operation since at least April of 2022.  The group is believed to be comprised of former members of the ransomware groups Conti and REvil.  This belief is driven by several factors, such as the similarities in their tactics and their rapid integration into the cybercriminal ecosystem.

Black Basta is credited as having victimized over 500 organizations.  In the first quarter of 2024, the group had c

Last week, some of Microsoft’s apps were knocked offline in an intentional cyber-attack, it said in an update.  The company’s attempts to stop the hack amplified it.  That meant that some of its apps and features were offline for much of 31 July.  It came just days after Windows PCs were hit by a huge outage that brought much of the world to a standstill, cancelling flights and delaying hospital appointments.  That was the result of a bug in cybersecurity software made by third-party company Cro

A Microsoft outage starting during the evening of 18 July crippled airlines, financial services, health-care and many energy companies across the world, resulting for many in a "blue screen of death" on their work computers.  In response, Microsoft on Saturday released a recovery tool to help repair Windows machines affected by the bug, a day after CrowdStrike provided instructions for how to fix a crashed PC.

CrowdStrike, a cybersecurity firm whose software protects small businesses and l

Microsoft will soon allow businesses and developers to build AI-powered Copilots that can work like virtual employees and perform tasks automatically.  Instead of Copilot sitting idle waiting for queries, it will be able to monitor email inboxes and automate tasks or data entry that employees normally have to do manually.  It is a big change in the behavior of Copilot, which the industry commonly calls AI agents or the ability for chatbots to intelligently perform complex tasks autonomously.  “W

The European Union has warned Microsoft that it could be fined up to 1% of its global annual turnover under the bloc’s online governance regime, the Digital Services Act (DSA), after the company failed to respond to a request for information (RFI) that focused on its generative AI tools.  In March 2024, the EU asked Microsoft and several other tech giants for information about systemic risks posed by generative AI tools.  On 16 May 2024, the Commission said Microsoft failed to provide some reque

Google is betting Microsoft Corp.’s very public cybersecurity failures, along with deep discounts, will persuade corporate and government customers to use the search giant’s productivity software rather than Office.  Some are insinuating Google is trying to steal customers.

Government agencies that switch 500 or more users to Google Workspace Enterprise Plus for three years will get one year free and be eligible for a “significant discount” for the rest of the contract, said Andy Wen, the senior