Infosecurity Magazine

DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company

Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders ...
The Hacker News

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...

Google Uncovers Chinese Espionage Campaign Hidden in Research Networks for Over Two Years

Google says China-linked UNC6508 infiltrated North American research networks, stealing sensitive defense, AI and medical ...
Dark Reading

Tropical Blend: Cyber & Politics Ramp Up Across Latin America

China-linked espionage groups have attacked a dozen nations in the region, gathering information on maritime shipping, oil production, and other interests.

Coempt gave CBSE cyber certificates that were expired, tied to other client

The cybersecurity certificates submitted to CBSE for its OSM platform were outdated and covered a different client's deployment, raising questions on the platform's actual security.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Opinion
Becker's Hospital ReviewOpinion

Why most health systems aren’t ready for AI and what an honest readiness assessment actually looks like

Most health systems aren’t ready for AI due to six structural gaps; learn how CEOs and CIOs can assess readiness in 30 to 90 days.
WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Tech Times

Google Cloud Open Knowledge Format Turns Scattered Org Knowledge Into Agent-Ready Bundles

Google Open Knowledge Format (OKF) v0.1 gives AI agent teams a vendor-neutral Markdown spec for sharing organizational ...

Internal Red Flags, CERT-In Warnings, Firm Track Record: What CBSE Ignored For OSM Tender

CBSE OSM: What was projected as a major digital transformation in India’s school examination system is now facing intense ...
GitHub

SQL-Servers-lab.md

Objective: Gain code execution, move laterally, and escalate privileges across MS SQL servers in the CONTOSO environment. Attack path summary: Enumerate SQL servers in AD → Find a low-priv user that ...