Threat Intel

Subscribe to read

A KPMG Australia partner was fined A$10,000 for using AI tools to complete an internal training course on AI usage, highlighting the broader challenge professional services firms face with AI-enabled cheating. KPMG Australia has reported over two dozen staff caught using AI improperly during internal exams this financial year and is implementing measures to track AI misuse in its annual reporting. The incident, which came to light during a Senate inquiry into industry governance, underscores systemic issues in professional oversight, as the Australian Securities and Investments Commission will only pursue further action if the accountants’ professional trade body initiates disciplinary proceedings—a requirement that relies on individual self-reporting rather than mandatory disclosure by firms.​​​​​​​​​​​​​​​​

Canada Goose confirms data leak - around 600,000 customers thought to be affected | TechRadar

Hackers have leaked over 600,000 customer records from Canada Goose, including personal and partial payment data. Canada Goose claims the data stems from past transactions, possibly through a third-party processor, and not a breach of their own systems, though the limited data still poses phishing and fraud risks.

Speedtest® Connectivity Report | Canada H2 2025

The Speedtest Connectivity Report for Canada H2 2025 reveals Bell as the leader in 5G performance, offering the fastest 5G speeds and best mobile gaming and video experiences. Bell pure fibre also dominated the fixed broadband market, recognized as the fastest and top-rated ISP with the best gaming experience. Rogers excelled in mobile video experience and 5G availability, while TELUS was noted for the most consistent mobile network.

Japanese sex toys maker Tenga discloses data breach

Japanese sex toys maker Tenga disclosed a data breach after a hacker accessed an employee’s email account, potentially exposing customer names, emails, and order details. The company is notifying affected customers and has reset credentials and enabled multi-factor authentication.

Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix

Cybersecurity experts have identified a new ClickFix attack where hackers exploit Google Ads and fake Claude AI guides to distribute the MacSync malware to Mac users. This malware steals sensitive data, including passwords and cryptocurrency keys, by tricking users into pasting malicious commands into their Terminal.

Hackers Exploit ‘Summarize with AI’ Feature to Inject Malicious Prompts into AI Recommendations

Hackers are exploiting ‘Summarize with AI’ features to inject malicious prompts into AI recommendations, a tactic Microsoft calls AI Recommendation Poisoning. This method can subtly influence AI assistants like Copilot and ChatGPT to favor specific sources or brands, potentially leading users to biased or untrustworthy information.

ChatGPT gets new security feature to fight prompt injection attacks - Help Net Security

OpenAI has launched Lockdown Mode and Elevated Risk labels for ChatGPT to combat prompt injection attacks and other advanced security threats, particularly when interacting with external systems. Lockdown Mode, an optional setting for enterprise users, limits ChatGPT’s ability to connect to external tools and data to prevent exfiltration, while Elevated Risk labels provide in-product warnings about potential security implications of certain features.

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

A new mobile spyware platform named ZeroDayRAT has been discovered, capable of real-time surveillance and data theft on both Android and iOS devices. This sophisticated toolkit, advertised on Telegram, allows attackers to access sensitive information, track locations, intercept messages, and even reroute financial transactions.

Leaky Chrome extensions with 37M installs caught divulging your browsing history | CSO Online

A security researcher discovered that 287 Chrome extensions, with a total of 37 million installs, were leaking users' browsing history by sending data like search queries and timestamps to external servers. These extensions, including VPNs and productivity tools, used encrypted payloads to make detection difficult, potentially enabling corporate espionage and credential harvesting.

UK sets course for stricter AI chatbot regulation - Help Net Security

The UK government is implementing stricter regulations for AI chatbot providers to protect children from harmful content, with legal consequences for non-compliance. These measures, informed by a consultation on online wellbeing, aim to quickly update online safety rules to keep pace with rapidly evolving technology.

‘AI is no longer about experiments. It is about results’: Boards are pushing for faster returns on AI investments, and tech leaders can’t keep pace | IT Pro

Boards are increasingly pressuring businesses to demonstrate measurable returns on AI investments within months, shifting focus from experimentation to tangible results. While many leaders expect AI to drive business value soon, challenges persist in talent, strategic alignment, and execution, leading to concerns about AI ROI and adoption fragmentation.

Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash - SecurityWeek

Amazon’s smart doorbell maker Ring has ended its partnership with Flock Safety, a police surveillance tech company, following a public backlash to a Ring Super Bowl ad that raised fears of a dystopian surveillance society. While the ad was not directly related to Flock, Ring stated the integration with Flock required more time and resources than anticipated, and Flock confirmed the mutual decision was made to best serve their respective customers.

Password managers less secure than promised | ETH Zurich

Researchers from ETH Zurich have discovered significant security vulnerabilities in three popular password managers, enabling attackers to view and alter stored passwords. The study, which analyzed Bitwarden, Lastpass, and Dashlane, found that despite promises of zero-knowledge encryption, attackers could exploit simple user interactions to compromise password vaults.

Microsoft AI chief gives it 18 months—for all white-collar work to be automated by AI | Fortune

Microsoft AI CEO Mustafa Suleyman predicts that AI will automate most white-collar work within 18 months, impacting professions like accounting, legal, and marketing. While some experts express concern about job displacement and the rapid advancement of AI, current evidence shows only marginal productivity improvements and limited impact outside the tech industry.

Figure Technology Data Breach: Hackers Leak 2.5GB After Social Engineering Attack - FinanceFeeds

A data breach occurred at Figure Technology, a blockchain-based lending firm, after a social engineering attack manipulated an employee, leading to the exposure of customer personal information like names and addresses. The hacking collective ShinyHunters claimed responsibility, leaking approximately 2.5GB of data and alleging Figure declined a ransom demand.

Fintech lending giant Figure confirms data breach | TechCrunch

Fintech lending company Figure confirmed a data breach resulting from a social engineering attack that compromised employee credentials. The hacking group ShinyHunters claimed responsibility, allegedly leaking customer data including names, addresses, and phone numbers, and stated Figure was a victim of a campaign targeting Okta users.

Anthropic CEO Dario Amodei just issued a sobering warning that diverges sharply from the typical tech optimism we see in Silicon Valley. In a recent interview, he predicted that AI could wipe out 50% of entry-level white-collar jobs and drive unemployment to 20% within the next 1 to 5 years.

His main argument is about velocity. While society has adapted to technological shifts in the past, Amodei warns that AI is advancing faster than the labor market can adapt. He believes reliance on “natural adaptation” is too optimistic and actually suggests radical policy changes—including taxing AI companies like his own—to prevent extreme inequality and protect the democratic social contract.

His advice to professionals is simple: do not get blindsided. Start learning to use these tools immediately to speed up your own adaptation curve.

Watch the full interview here: www.youtube.com/watch

#ArtificialIntelligence #FutureOfWork #Anthropic #Economy #TechNews

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release - SecurityWeek

Threat actors are actively exploiting a critical BeyondTrust vulnerability (CVE-2026-1731) within 24 hours of a proof-of-concept (PoC) exploit being released. This flaw, affecting BeyondTrust Remote Support and Privileged Remote Access, allows for unauthenticated remote code execution and has seen exploitation attempts from multiple IP addresses, some previously involved in other vulnerability exploits.

Google fears massive attempt to clone Gemini AI through model extraction | CSO Online

Google detected and blocked a campaign using over 100,000 prompts aimed at cloning its Gemini AI model through model extraction, a process that allows attackers to create smaller models with the core traits of larger ones. This tactic is considered intellectual property theft, and Google is actively working to prevent it while also noting that nation-state groups have used Gemini to accelerate their own attack operations.

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA has flagged a critical Microsoft Configuration Manager (SCCM) vulnerability, CVE-2024-43468, as actively exploited in attacks, ordering U.S. government agencies to patch it by March 5th. This SQL injection flaw allows unauthenticated attackers to gain code execution with the highest privileges, despite Microsoft initially deeming exploitation unlikely.

Fake North Korean IT workers are rampant on LinkedIn – security experts warn operatives are stealing profiles to apply for jobs and infiltrate firms | IT Pro

Security experts warn that fake North Korean IT workers are exploiting LinkedIn by hijacking genuine profiles to apply for remote jobs and infiltrate companies. These operatives use verified credentials and create convincing employment histories, posing a significant cyber risk by potentially stealing intellectual property and installing malware.

Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet

A new wave of phishing campaigns is targeting users through fake meeting invites and update alerts for platforms like Zoom, Teams, and Google Meet. These attacks trick users into downloading malicious updates that install Remote Monitoring and Management (RMM) tools, granting attackers full system access.

OpenClaw 2026.2.12 Released With Fix for 40+ Security Issues

The release of OpenClaw 2026.2.12 addresses over 40 security vulnerabilities, significantly enhancing the AI agent platform’s protection. Key improvements include strengthened SSRF defenses in the gateway, prompt-injection mitigation by sanitizing tool outputs, and hardening of hooks and webhooks with constant-time checks and rate limiting.

How to find and remove credential-stealing Chrome extensions | Malwarebytes

Researchers discovered 30 malicious Chrome extensions in the Chrome Web Store that were stealing credentials from over 260,000 users by using a full-screen iframe. The article provides instructions on how to find and remove these extensions from Chrome and Edge browsers, emphasizing the use of unique extension IDs for accurate identification.

Major ‘vibe-coding’ platform Orchids is easily hacked, researcher finds

A cyber-security risk has been discovered in the AI coding platform Orchids, allowing a researcher to hack a BBC reporter’s laptop through a zero-click attack. This vulnerability highlights the potential dangers of AI bots having deep access to computers, even as such platforms gain popularity for enabling users without technical skills to create apps and games.