Release v0.94.0 · anchore/grype

Added Features: Add echo os to grype [#2647 @orizerah]. Bug Fixes: Nonroot can't load local docker image with docker socket bind [#2721 #2723 @kzantow]. "Harden Container Runtime with Non-Root User"...

GitHub

Trend Micro has just closed the door on critical flaws that could’ve let hackers run code in your security setup. Are you up to date with the latest patch fixes?

https://thedefendopsdiaries.com/trend-micro-addresses-critical-vulnerabilities-in-apex-central-and-endpoint-encryption-policyserver/

#trendmicro
#cybersecurity
#vulnerability
#patchmanagement
#remotecodeexecution

A zero-click flaw in #Microsoft365Copilot, dubbed #EchoLeak, lets attackers steal company data through a single email, no user action needed. AI assistants now pose real risks.

Read: https://hackread.com/zero-click-ai-flaw-microsoft-365-copilot-expose-data/

#CyberSecurity #AI #ZeroClick #Vulnerability #CoPilot

New 'Zero-Click' AI Flaw Found in Microsoft 365 Copilot, Exposing Data

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto

⚠️ Over 40,000 unsecured internet-connected cameras found worldwide, and the US tops the list. From homes to offices, many feeds are wide open with no passwords or protections.

🔗 https://hackread.com/us-tops-list-unsecured-cameras-exposing-homes-offices/

#CyberSecurity #IoT #SecurityCamera #CCTV #Vulnerability

US Tops List of Unsecured Cameras Exposing Homes and Offices

Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers - What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international stu... https://grahamcluley.com/smashing-security-podcast-421/ #smashingsecurity #vulnerability #databreach #law&order #dataloss #podcast #privacy #google #ice

Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers

What do a sleazy nightclub carpet, Google’s gaping privacy hole, and an international student conned by fake ICE agents have in common? This week’s episode of…

Graham Cluley

#AI can be very helpful, and it doesn't care who it is helping. This particular #vulnerability in #Copilot has been fixed. I'm sure there aren't any others waiting to be discovered.

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction. ...

The attack begins with a malicious email sent to the target, containing text unrelated to Copilot and formatted to look like a typical business document.

The email embeds a hidden prompt injection crafted to instruct the LLM to extract and exfiltrate sensitive internal data. ...

cc:news

🚗 The US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations.

Read: https://hackread.com/cisa-remote-control-flaws-sinotrack-gps-trackers/

#CyberSecurity #Vulnerability #SinoTrack #GPS #IoT

External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.

🔗 https://vulnerability.circl.lu/vuln/CVE-2025-33053#sightings

#webdav #vulnerabilitymanagement #cve #vulnerability #cybersecurity

CVE-2025-33053

cvelistv5 - CVE-2025-33053

Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

EchoLeak – 0-Click AI Vulnerability Enabling Data Exfiltration from 365 Copilot

https://www.aim.security/lp/aim-labs-echoleak-blogpost

#HackerNews #EchoLeak #AI #Vulnerability #DataExfiltration #365Copilot #Cybersecurity

Aim Labs | Echoleak Blogpost

The first weaponizable zero-click attack chain on an AI agent, resulting in the complete compromise of Copilot data integrity