‘ChatGPT Tainted Memories’ Exploit Enables Command Injection in Atlas Browser
LayerX Security found a flaw in OpenAI’s ChatGPT Atlas browser that lets attackers inject commands into its memory, posing major security and phishing risks.
DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants
Unsecured House Democrats’ resume bank (DomeWatch) exposed 7,000 records, including PII and “top secret” clearance status, raising identity theft fears.
Defensive Security Podcast Episode 327
Want to be the first to hear our episodes each week? Become a Patreon donor here.
Links to this week’s stories:
https://www.cybersecurity-insiders.com/how-ai-will-shape-the-future-of-cyber-defense-a-one-three-and-five-year-outlook/
http…
Crafted URLs can trick OpenAI Atlas into running dangerous commands
Attackers can trick OpenAI Atlas browser via prompt injection, treating malicious instructions disguised as URLs in the omnibox as trusted commands. Attackers can exploit the OpenAI Atlas browser by disguising malicious instructions as URLs in the omnibox, which Atlas interprets as trusted commands, enabling harmful actions. NeuralTrust researchers warn that agentic browsers fail by not […]
New HyperRat Android Malware Sold as Ready-Made Spy Tool
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.
From Perimeter to SOC: How Integrating Cisco Firewalls with Splunk Delivers End-to-End Threat Visibility and Compliance
Learn how Cisco Firewalls and Splunk integration strengthens SOC visibility, improves compliance readiness, and empowers teams with actionable security insights.
X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10
X (formerly Twitter) is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access.
Hundreds of People With ‘Top Secret’ Clearance Exposed by House Democrats’ Website
A database containing information on people who applied for jobs with Democrats in the US House of Representatives was left accessible on the open web.
Everest Ransomware Says It Stole 1.5M Dublin Airport Passenger Records
Everest ransomware group claims to have stolen 1.5 million passenger records from Dublin Airport and personal data of 18,000 Air Arabia employees in latest breaches.
Scientists: Napoleon’s Mistreated Army Was Dying Faster Than Enemies Could Kill Them
For all the extravagant jewelry and fine dining the ruthless Napoleon loved to shower himself in, his troops basically died as disposable slaves. Binder says. “We have these paintings in the museums of soldiers in shiny armors, of Napoleon on his…