China-Nexus Actor Spy on US Researchers Undetected for a Year – Dark Reading
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to target numerous institutions and exfiltrate sensitive data. – Read More
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes – The Hacker News
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search. Researchers at Varonis…
The Beginning of the End of Social Engineering – Dark Reading
AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself. – Read More
A New Era for Contract Nerds: Welcome, Roma Khan – Contract Nerds
Hello Fellow Nerds! Today marks a new era for Contract Nerds, and I am thrilled to share it with you. Introducing Roma Khan, Our New Head of Contract Nerds You…
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More – The Hacker News
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is…
Langflow RCE under active attack months after a patch was shipped – CSO Online
Enterprises using the open-source AI orchestration platform Langflow are being urged to patch a high-severity path traversal flaw amid active exploitation, despite a fix having been available for more than…
US Cracks Down on Anthropic AI Models Amid Abuse Concerns – Dark Reading
Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the technology. – Read More
Attackers can turn AI agent guardrails into denial-of-service weapons – CSO Online
Attackers can turn AI agent guardrails into denial-of-service weapons, according to new research that found a single poisoned document can dramatically slow shared AI agent workflows by trapping reasoning-based safety…
Faster, leaner, smarter: How AI lets small firms compete with BigLaw – Legal Futures
Small law firms have a built-in advantage in the AI era, though many do not yet realise it. They can pick a tool, start using it, and save hours each…
Relativity expands into the drafting workflow with Gavel acquistion – Legal IT Insider
Relativity announced at the end of last week (12 June) that it has acquired AI-native legal technology company Gavel in a move that signals its ambition to extend beyond eDiscovery…
The Onboarding Password Mistake That Creates Unnecessary Risk – The Hacker News
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary…
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic – The Hacker News
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) family. The cluster spans…
Sullivan & Cromwell hunts for City digs twice the size – Legal Cheek
New London base Sullivan & Cromwell’s office on New Fetter Lane Sullivan & Cromwell is reportedly on the lookout for a new London base as it looks to expand its…
Autologyx extends its governance platform to support agentic work – Legal IT Insider
Autologyx today (15 June) announced a new set of MCP-enabled capabilities designed to help law firms and other regulated organisations move from AI experimentation to governed AI execution. The announcement…
Governing the ghost workforce – CSO Online
Every enterprise security team is fighting a workforce problem they cannot see on any org chart. Bots, service accounts, API keys, OAuth tokens, machine certificates — non-human identities now outnumber…