AI Agents: New Privilege Escalation Paths in Cybersecurity
AI agents boost automation, but broad permissions weaken IAM controls, enabling unintended privilege escalation and obscuring…
Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers
Researchers null-route traffic to over 550 Kimwolf/Aisuru botnet C2 servers. The botnets compromise Android devices for…
Drones to Diplomas: Russia University Linked to $25M Essay Mill
A cheating network linked to a Kremlin-connected oligarch and a university building drones for Russia’s war…
Who Benefited from the Aisuru and Kimwolf Botnets?
A deep dive into the beneficiaries of the Aisuru and Kimwolf botnets, which compromised millions of…
Ukraine’s Army Targeted in Charity-Themed Malware Campaign
Ukrainian defense officials targeted by PluggyApe backdoor malware in a charity-themed campaign. Likely linked to Russian…
Monroe University data breach affects 320,000 people
Monroe University reveals a data breach impacted over 320,000 individuals after a cyberattack in December 2024,…
Victorian Department of Education Data Breach: Student Data Stolen
The Victorian Department of Education in Australia reports a data breach exposing student information. Passwords reset…
Pax8 data leak exposes info of 1,800 MSP partners
Cloud marketplace Pax8 accidentally emailed partners a spreadsheet containing business info, exposing data on 1,800 MSP…
Reprompt attack hijacks Microsoft Copilot sessions for data theft
Researchers discover a “Reprompt” attack allowing hackers to infiltrate Microsoft Copilot sessions and exfiltrate sensitive user…
ConsentFix debrief: Insights from the OAuth phishing attack
Push Security shares insights on ConsentFix, a novel OAuth phishing technique. Learn about its evolution, community…
Latest Posts
- Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
- The Kimwolf Botnet is Stalking Your Local Network
- Who Benefited from the Aisuru and Kimwolf Botnets?
- Windows 11 PCs may fail to shut down after January update: Microsoft confirms
- Cisco Patches AsyncOS Zero-Day Exploited Since November 2025
