Japanese telecommunications giant KDDI revealed that millions of people had their email addresses and passwords exposed after attackers breached an email platform used by five internet service providers (ISPs) in the country. KDDI is the second-largest mobile telecommunications provider in Japan, with 45,000 employees and annual revenue of $32.4 billion. The company disclosed last month that it blocked the attackers' access after discovering the incident on June 17. READ MORE...
A government entity in the US reportedly paid a $1 million ransom to the Kairos cyber extortion group to prevent the public dissemination of information stolen in a May 2025 intrusion, Ransom-ISAC reports. A leaked negotiation transcript shows that the extortion group demanded $3 million in cryptocurrency from the victim organization, but eventually settled for $1 million. Kairos claimed to have stolen over 2 terabytes of data, or approximately 1.6 million files. READ MORE...
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are inherently unable to distinguish between legitimate instructions provided by users and malicious ones sneaked into emails, source code, and other third-party content the models are processing. This makes it trivial to surreptitiously inject malicious commands that the LLM readily follows. READ MORE...
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names. The X/Twitter account IRIS C2 (@C2IRIS) has gained more than 4,000 followers since its creation in January 2025. READ MORE...
Google recently fixed a vulnerability that would have enabled an attacker to seize data from AI agents and chatbots built with one of Google's flagship AI tools. Varonis researchers this week disclosed "Rogue Agent," a permission boundary issue in Google Cloud Platform's Dialogflow CX AI platform that Varonis Threat Labs describes as a "critical vulnerability." Rogue Agent would have "allowed attackers to exploit the Code Blocks feature to inject persistent malicious code. READ MORE...
A critical prompt injection vulnerability in GitHub Agentic Workflows could allow unauthenticated attackers to leak private repository data, Noma Labs warns. GitHub Agentic Workflows allows users to write workflows in natural language using markdown files that an AI agent will use as GitHub Actions, thus automating the interaction with code repositories. Because of the security defect, named GitLost, unauthenticated attackers can hide indirect prompts in crafted GitHub Issues. READ MORE...
A "systematic vulnerability pattern" in at least six of the most widely used AI coding assistants can be abused to trick agents into accessing files outside the workspace sandbox, leading to remote code execution on the developer's machine. Google-owned security biz Wiz found the security gap, which it's named "GhostApproval," and reported it to all six: Amazon Q Developer, Anthropic Claude Code, Augment, Cursor, Google Antigravity, and Windsurf. READ MORE...
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw tracked as CVE-2026-50746 that can be exploited in command injection attacks. The CVE-2026-50746 vulnerability affects UniFi Connect Application (versions 3.4.16 and earlier), a management software suite that Ubiquiti customers can use to automate and manage commercial building operations via a single interface. READ MORE...