Here are a few news stories from last week we found interesting and think are worth your attention.<\/p>\n\n\n\n
Security researchers have uncovered serious vulnerabilities in Perplexity AI’s Android app. Notably, API keys were easily accessible, potentially allowing attackers to impersonate users and access their conversations. Oh, 2 months ago same issues were discovered in Deepseeks Android app. <\/p>\n\n\n\n
This is really bad, you should not use it on Android. <\/em><\/p>\n\n\n\n Read more: <\/strong>https:\/\/www.darkreading.com\/application-security\/11-bugs-found-perplexity-chatbots-android-app<\/a><\/p>\n\n\n\n Essentially, the target gets an insane amount of harmless looking e-mails (like hundreds within 5 minutes) sent from a reputable marketing source like Mailchimp. Imagine real looking newsletters, signups, promotions etc. everything that the automatic checks would let through. And then \u201ca helpful IT person\u201d steps in to help the target resolve the issue and steal some credentials and breach along the way.<\/p>\n\n\n\n Something to include as an example in your next security training. <\/em><\/p>\n\n\n\n Read more: <\/strong>https:\/\/www.darktrace.com\/blog\/email-bombing-exposed-darktraces-email-defense-in-action<\/a> or here.<\/p>\n\n\n\n Initial incident happened in December 2024, it has taken months to recover, repell new attacks and coordinating with external cyber security service firm. <\/p>\n\n\n\n $23 million is bad but can you imagine coordinating with data protection authorities in 4 countries. <\/em><\/p>\n\n\n\nAttackers Are Now Into \u2018Spam bombing\u2019 as Part of Their Social Engineering Campaign (10.04.2025)<\/strong><\/h4>\n\n\n\n
Ransomware attack cost IKEA operator in Eastern Europe $23 million and they didn\u2019t even pay (11.04.2025)<\/strong><\/h4>\n\n\n\n