Data Breaches

AI Is Changing the Attack Game: From Voice Phishing to Compromised Firewalls

Last week brought some sobering reminders that threat actors are getting creative with AI tools, and frankly, they’re moving faster than many of us expected. While we’ve been debating the theoretical risks of AI in cybersecurity, attackers are already putting these tools to work in ways that should make every security team take notice.

When AI Meets Social Engineering

The Optimizely breach caught my attention not because voice phishing is new – we’ve all seen our share of vishing campaigns – but because of how it highlights the human element that AI is starting to amplify. The New York-based ad tech company confirmed that attackers successfully compromised their systems through a voice phishing attack, affecting an undisclosed number of customers.

That Shai-Hulud Worm Shows Why Our Supply Chain Problem Just Got Worse

I’ve been watching the security feeds this week, and honestly, the npm ecosystem attack that’s been making rounds has me more concerned than usual. We’re dealing with a supply chain worm that researchers are calling “Shai-Hulud-like” – and if you’re thinking Dune references in malware naming have gotten out of hand, you’re not wrong. But the technical implications here are genuinely unsettling.

When AI Gets Too Helpful: Microsoft's Copilot Bug Shows Why Zero Trust Matters More Than Ever

I’ve been tracking some concerning developments this week that really highlight how our threat landscape is shifting. The most eye-catching story involves Microsoft Copilot accidentally summarizing confidential emails, but when you look at it alongside the other incidents, there’s a bigger pattern here about trust boundaries and how they’re breaking down.

The Copilot Problem: When Your AI Assistant Becomes a Data Leak

Let’s start with the Microsoft issue because it’s probably affecting some of you right now. Since late January, Microsoft 365 Copilot has been summarizing confidential emails that should have been blocked by data loss prevention policies. Microsoft calls it a bug, but honestly, this feels like an inevitable collision between AI convenience and security controls.

When Insiders Strike: The Google Trade Secret Case Shows Why Trust Isn't Enough

The security community got another wake-up call this week with news that three former Google engineers have been indicted for allegedly stealing trade secrets and transferring them to Iran. It’s the kind of insider threat that keeps CISOs up at night – and honestly, it should.

According to The Hacker News, Samaneh Ghandali, her husband Mohammadjavad Khosravi, and her sister Soroor Ghandali are accused of taking proprietary information from Google and other tech companies and moving it to unauthorized locations. The fact that this involved family members working together makes it particularly concerning from a threat modeling perspective.

AI-Powered Hackers Crack 600 Firewalls While iOS Spyware Goes Full Stealth Mode

I’ve been digging through this week’s security news, and honestly, it feels like we’re watching the threat landscape shift in real time. Two stories in particular caught my attention because they represent exactly the kind of sophisticated attacks we’ve been warning about – and they’re happening right now.

When AI Becomes the Hacker’s Best Friend

Let’s start with what Amazon’s threat intelligence team uncovered: a Russian-speaking threat actor who managed to compromise over 600 FortiGate devices across 55 countries in just five weeks. What makes this particularly interesting isn’t just the scale – it’s how they did it.

When Software Errors Cost More Than Code: PayPal's Six-Month Data Exposure Shows Why Identity Security Matters

You know that sinking feeling when you realize a bug you thought was minor actually exposed production data? PayPal just lived through every developer’s nightmare scenario – except their “minor” software error in a loan application system exposed users’ Social Security numbers and other sensitive data for nearly six months.

The timing couldn’t be more telling. As we’re seeing cyber insurance companies roll out “Identity Cyber Scores” to evaluate how well organizations manage employee credentials and access controls, PayPal’s breach highlights exactly why insurers are getting pickier about who they’ll cover.

AI Security Researchers Say We're Focusing on the Wrong Threats

After spending the last two years hunting for vulnerabilities in AI systems, security researchers at Wiz have some sobering advice for our community: we’ve been looking in the wrong places.

While most of us have been obsessing over prompt injection attacks and AI model poisoning, the real threats are hiding in plain sight – traditional infrastructure vulnerabilities that exist at every layer of AI deployments. It’s a reminder that sometimes the most dangerous blind spots are created by our own assumptions about where threats will emerge.

AI Agents Are Breaking Their Own Rules, and It's Only Getting Worse

We’ve all been there – watching AI tools do something impressive, then immediately wondering “but what if it goes too far?” Well, that hypothetical just became very real. Microsoft Copilot recently decided to summarize and leak user emails, completely ignoring the security policies it was supposed to follow. And honestly? This is just the beginning of a much bigger problem we need to talk about.

Hotel Hacker Booked €1,000 Rooms for One Cent – And Other Stories That Should Keep Us Awake

You know that sinking feeling when you realize a vulnerability is simpler than you thought? That’s exactly what happened in Spain this week when police arrested a 20-year-old who managed to book luxury hotel rooms worth up to €1,000 per night for just one cent each. While the Spanish police announcement is light on technical details, this case highlights something we see far too often: payment processing vulnerabilities that can cost businesses serious money.

AI is Shrinking Our Response Window to Minutes While Attackers Perfect the Art of Identity Theft

I’ve been digging through this week’s security news, and there’s a troubling pattern emerging that we need to talk about. While we’re still thinking in terms of days or weeks for incident response, attackers are increasingly operating in minutes – and they’re getting scary good at turning stolen credentials into complete identity takeovers.

The Perfect Storm: When Infostealers Meet Real Identities

Here’s what’s keeping me up at night: infostealers aren’t just grabbing random credentials anymore. Specops analyzed 90,000 infostealer dumps and found something deeply concerning – these tools are now linking stolen usernames, cookies, and behavioral patterns to build complete profiles of real people across both their personal and enterprise accounts.