A significant security vulnerability has been discovered in Microsoft’s Copilot for M365 that allowed users, including potential malicious insiders, to access and interact with sensitive files without leaving any record in the official audit logs. After patching the flaw, Microsoft has reportedly decided against issuing a formal CVE or notifying …
Read More »Ohio based medical murijuana exposed 1 million records
Cybersecurity researcher Jeremiah Fowler found an unprotected database with 957,434 records belonging to an Ohio organization that assists people in obtaining certified medical marijuana cards. The database contained personal information, including PII, driver’s licenses, medical records, Social Security numbers, and other sensitive data. The publicly exposed databases were not password-protected …
Read More »
Spotlight: Asia, Europe and USA
Crypto24 To Bypass EDR, Including Trend Micro’s Vision One platform
Researchers have identified a new Crypto24 ransomware campaign, which they describe as a “dangerous evolution” in cybersecurity threats. According to Trend Micro researchers, recent attacks by Crypto24 actors display a combination of advanced evasion techniques and custom tools that can disable EDR solutions — including Trend Micro’s own Vision One …
Read More »UK telecom firm Colt suffers massive ransomware attack: data up for sale
UK telecoms company Colt suffered a cyberattack by the Warlock ransomware gang. The attack began on Tuesday, 12th August, around 11 am BST, initially reported as a technical issue. By Thursday, 14th August, Cold announced they were addressing a cyber incident affecting Colt Technology Services, including hosting, porting services, Colt …
Read More »Google Confirms Data Breach: Notifying Affected Users
Google confirmed that a recent data breach in one of its Salesforce CRM systems exposed information about potential Google Ads customers. “We’re writing to let you know about an event that affected a limited set of data in one of Google’s corporate Salesforce instances used to communicate with prospective Ads …
Read More »Cyberattack hits France’s third-largest mobile operator, affecting millions
Bouygues Telecom, a major telecom company in France and the third-largest mobile operator, announced on Wednesday that it suffered a cyberattack affecting millions of customers’ data. The nature of the attack was not disclosed, and the company said the “situation was resolved as quickly as possible” by its technical teams, …
Read More »Air France and KLM disclose data breaches
Air France and KLM announced on Wednesday that their customer service platform was hacked, resulting in stolen data from an unknown number of customers. Air France and KLM, along with Transavia, form the Air France–KLM Group, a French-Dutch airline holding company established in 2004, and a key player in global …
Read More »Cisco reveals data breach affecting Cisco.com user accounts
On July 24, 2025, Cisco learned of a vishing attack aimed at one of its representatives, allowing a bad actor to access basic profile information from a third-party CRM system. Upon learning of the incident, the actor’s access to that CRM system instance was immediately terminated and Cisco commenced an …
Read More »Cloud intrusions surged 136% H1 of 2025
Cloud intrusions increased significantly in the first half of 2025, rising 136% compared to all of 2024, as reported by CrowdStrike’s 2025 Threat Hunting Report. Researchers noted that the data shows more attackers are learning to target cloud environments by exploiting misconfigurations, maintaining access, and moving laterally. The explosion in …
Read More »French Telecom Giant Orange Hit by Cyberattack
Orange, a major French telecom company, announced on Monday that it was attacked by hackers. In the announcement, the company said that it detected a cyberattack “on one of its information systems” on July 25, and that it proceeded to “isolate potentially affected services and minimize any impact.” Orange stated …
Read More »
InfoSecBulletin Cybersecurity for mankind