A security vulnerability in ChatGPT executed with a single malicious prompt could be exploited to covertly exfiltrate sensitive data from prompts and messages. The security issue, which enabled data exfiltration and remote code execution, was discovered by cybersecurity researchers at… Read More "ChatGPT Security Issue Enabled Data Theft via Single Prompt"
If that cooperation disappears, so does any clear path home. Labor organizations such as the International Transport Workers’ Federation (ITF) say intervention is possible, but often depends on coordination across jurisdictions and cooperation from ship owners. “When the war broke… Read More "The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz"
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. “The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers,… Read More "Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains"
ChatGPT’s hidden outbound channel leaks user data OpenAI has reportedly fixed a parallel bug in ChatGPT that goes beyond credential theft. Check Point researchers uncovered a hidden outbound communication path in ChatGPT’s code execution runtime that could be triggered with… Read More "OpenAI patches twin leaks as Codex slips and ChatGPT spills"
Researchers have observed a “dangerous convergence” between supply chain attackers and extortion gangs like Lapsus$ as TeamPCP looks to exploit stolen credentials. In a new report published on March 30, security researchers at Wiz, now part of Google Cloud, said… Read More "TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets"
What I have seen forward-looking organizations do is elevate OT security to the board level so that OT risk is added to the Risk Register as board oversight. Organizations that I work with, where life and health concerns are top… Read More "The external pressures redefining cybersecurity risk"
Breaches of employee data reported to the UK regulator have hit their highest level in at least seven years, according to new analysis from law firm Nockolds. The company said that reports to the Information Commissioner’s Office (ICO) had increased… Read More "Employee Data Breaches Surge to Seven-Year High"
8. Double-down on cybersecurity fundamentals One of the most effective low-cost security strategies is to double down on fundamentals such as identity protection, patching, visibility, and user awareness, says Jeff Foresman, vice president of cybersecurity at technology services firm Resultant.… Read More "8 ways to bolster your security posture on the cheap"
UK organizations have been encouraged to immediately patch a critical new vulnerability in F5’s BIG-IP Access Policy Manager (APM) product currently under active exploitation. The National Cyber Security Centre (NCSC) explained that it is still “working to fully understand UK impact… Read More "NCSC Urges Immediate Patching of F5 BIG-IP Bug"
The floor validated this but added dimensions my preview had underweighted. Mike Leland of Island framed the enterprise AI risk surface comprehensively: data leakage, shadow AI, prompt injection, copyright and IP infringement, hallucinations, and data residency. These aren’t sequential concerns… Read More "6 key takeaways from RSA Conference 2026"
