Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data...
New BrowserVenom malware being distributed via fake DeepSeek phishing website
Introduction
DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat...

OctoSQL & Vulnerability Data, (Sun, Jun 8th)
As an avid daily reader of TLDR Information Security I benefit twofold. First, I gain interesting insights and recommendations regarding launches and tools, where I first...
Marks & Spencer’s ransomware nightmare
Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty,...
Vastaamo – Darknet Diaries
Full Transcript
Joe Tidy investigates what may be the cruelest and most disturbing cyber attack in history. A breach so invasive...
BladedFeline: Whispering in the dark
In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT...
