“Threat actors are increasingly abusing external Microsoft Teams collaboration to impersonate IT or helpdesk personnel and convince users to grant remote assistance access,” Microsoft says. #Cybersecurity https://www.bleepingcomputer.com/news/security/microsoft-teams-increasingly-abused-in-helpdesk-impersonation-attacks/
Trisha Clay (she/her)
- 123 Followers
- 98 Following
- 1.3K Posts
Higher Ed Technology Leader, DEIB advocate, Compassionate American, pro-humanity, MBA, Mom, Geek, Moravian https://patricia-m-clay.com
For over a decade, Google has said that API keys for public services such as Maps are not secrets, but recent research from Truffle Security showed that these keys can be used to authenticate to the Gemini AI assistant, potentially exposing personal data #cybersecurity https://www.securityweek.com/google-api-keys-in-android-apps-expose-gemini-endpoints-to-unauthorized-access/
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users, including WireGuard, VeraCrypt, MemTest86, and Windscribe VPN https://www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users.
BrianKrebsNew, from me: Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.
https://krebsonsecurity.com/2026/04/russia-hacked-routers-to-steal-microsoft-office-tokens/
Exploit code dubbed Blue Hammer has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions #Cybersecurity https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/
“Every power plant in Iran will be out of business, burning, exploding and never to be used again,” he said at a press conference yesterday. He brushed off a Times reporter’s question about whether such strikes would violate the Geneva Conventions. #WarCrimes
Agnes Callamard, secretary general of Amnesty International, described Trump’s post as “revolting.”
“Running out of language to denounce and condemn. Iranian Civilians will be the first to suffer from the destruction of power plants and bridges. No heat, no electricity, no water, no capacity to move or to flee, and all that it means for their right to life,” she wrote on X in response to the threat. #TrumpAdministration
https://time.com/article/2026/04/05/trump-power-plants-iran-hormuz/
There’s a viral photo going around claiming a virtual coup because the Secretary of Defense’s firings of several military officers. The strongest factual case is this: firing three generals in one day, with no stated reason, during active wartime operations, is historically unusual and legitimately alarming on its face. The exaggerated claims in the post actually weakens the legitimate story by making it easier to dismiss as disinformation. #TrumpAdministration
Google announced that the AI-powered Google Drive ransomware detection feature has reached general availability and is now enabled by default for all paying users #cybersecurity https://www.bleepingcomputer.com/news/security/google-drive-ransomware-detection-now-on-by-default-for-paying-users/
