Microsoft incident responders publish a playbook for detecting prompt abuse in enterprise AI tools
Indirect prompt injection via URL fragments can manipulate AI outputs while evading traditional server-side visibility.
39 reports
Indirect prompt injection via URL fragments can manipulate AI outputs while evading traditional server-side visibility.
Iran • hacktivists • IRGC • MOIS • DDoS • wipers • ransomware • critical infrastructure
Designing upstream controls that cut off access brokers, endpoint breakout, and perimeter device exploitation before T1021 starts
APT42 is an Iran-aligned cyber espionage and surveillance actor assessed by multiple vendors as state-sponsored. Mandiant assesses with high confidence that APT42 conducts information collection…
UK further education (FE) colleges and higher education (HE) institutions face a persistently high-volume threat environment driven by phishing, account compromise, ransomware/extortion, and…
APT33, Elfin, Peach Sandstorm, HOLMIUM, Refined Kitten, Iran, aerospace, energy, petrochemical, spearphishing, password spraying, Outlook Home Page, Ruler, TurnedUp, DropShot, ShapeShift, StoneDrill
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian Federation since at…
In late June to early July 2025, multiple airlines disclosed cybersecurity incidents affecting internal systems and/or customer data, with reporting and government/industry warnings pointing to…
Microsoft's latest threat intelligence report highlights an ongoing trend where threat actors exploit legitimate file-hosting services, such as OneDrive , SharePoint , and Dropbox , to deliver…
As we approach the final quarter of 2024, the cyber threat intelligence (CTI) landscape continues to evolve, driven by a combination of emerging threats, geopolitical factors, and the maturation…
In July 2024, Twilio, a major communications provider, disclosed a significant breach involving its Authy multi-factor authentication (MFA) service. This incident, attributed to the ShinyHunters…
In May 2024, cybersecurity researchers uncovered a sophisticated attack campaign known as "Dev Popper," where hackers posed as recruiters conducting fake job interviews to distribute a…