News

Web infrastructure provider Vercel has reported a security breach affecting its internal systems. The incident originated from a hack involving Context.ai, a third-party artificial intelligence tool used by a Vercel employee. As a result of this breach, the attacker was able to gain unauthorized access to the employee's Google Workspace account. This incident raises concerns about the security of third-party applications and the potential risk they pose to a company's sensitive information. Vercel is currently assessing the scope of the breach and its implications for customer data. While it is indicated that customer credentials may have been limitedly exposed, Vercel has not provided detailed information on the extent of the data compromised. Source: [publication name].

Vercel, a cloud development platform, has confirmed a security breach after hackers claimed to have accessed its systems. The attackers are reportedly trying to sell the stolen data. Vercel has not released specific details about the number of users affected or the type of data involved. The company is actively investigating the incident and has assured its users of their commitment to data security. As cyber threats continue to evolve, users are advised to be vigilant about their personal information and implement security measures to protect themselves against potential misuse. Source: [publication name].

Recent advancements in AI agents, such as those developed with OpenClaw, have raised significant cybersecurity concerns. These AI tools are capable of performing risky actions, including deleting emails and exposing users' personal information. As they increasingly access sensitive accounts, they present attractive targets for cybercriminals who aim to exploit weaknesses and steal valuable data. The growing use of such powerful AI in daily tasks underlines the need for caution, as the potential security threats continue to evolve. Users are advised to remain vigilant and take necessary precautions to protect their information. Source: [publication name].

In 2024, a significant 68% of cloud breaches were due to compromised service accounts and overlooked API keys, rather than typical threats like phishing or weak passwords. Organizations often have 40 to 50 automated credentials for each employee, including service accounts and API tokens. When projects conclude or employees depart, these unmanaged identities can remain unmonitored, increasing security vulnerabilities. To mitigate these risks, companies should assess and eliminate 'ghost identities' that could potentially expose sensitive enterprise data. Effective management of such credentials is vital for maintaining cloud security. Source: [publication name].

In a significant move to enhance user privacy and combat fraud, Google reported blocking 8.3 billion ads and suspending 24.9 million accounts in 2025. The company unveiled policy updates aimed at reinforcing user protection related to contact and location permissions on Android devices. These changes will impact how third-party applications access sensitive user information, such as contact lists and geographical locations. Google's latest efforts reflect a growing commitment to safeguard users' data and security on its platforms. This initiative highlights the importance of user privacy in an increasingly digital world. Source: [publication name].

Cybercriminals are increasingly adept at bypassing security measures, particularly in environments outside traditional IT settings. To enhance security, the adoption of Two-Factor Authentication (2FA) is recommended. This method adds an additional layer of protection, making it harder for unauthorized users to gain access, even in physical locations. As threats evolve, implementing 2FA can be a critical step for individuals and businesses looking to safeguard sensitive information and mitigate risks associated with cyberattacks. This shift towards broader usage of 2FA underscores the importance of proactive security measures in combating cyber crime. Source: [publication name].

Asian organizations face unique security risks due to varied regulations, interconnected digital systems, and the increasing use of artificial intelligence. These factors have made the digital supply chain complex, requiring organizations to adapt and implement robust security measures. The diverse regulatory landscape across countries adds another layer of difficulty in standardizing security protocols. As businesses continue to rely on digital solutions, understanding these risks and developing strategies to mitigate them is crucial. Awareness and preparedness can help combat potential cyber threats in this evolving environment. Source: [publication name].

Microsoft and Salesforce have recently addressed critical vulnerabilities in their AI products, Salesforce Agentforce and Microsoft Copilot. These flaws, known as prompt injections, could have allowed unauthorized attackers to access and leak sensitive information from the systems. By implementing these patches, both companies aim to enhance the security of their applications and protect user data from potential breaches. Users are advised to ensure their software is updated to benefit from these security improvements. Keeping software up to date is essential for safeguarding against cyber threats. Source: [publication name].

Security experts have reported that Russian military intelligence-linked hackers are exploiting vulnerabilities in older internet routers to obtain authentication tokens from Microsoft Office users. This advanced spying campaign has affected over 18,000 networks globally, allowing hackers to extract these tokens without the need for malicious software. As a result, users’ credentials can be compromised, posing a significant threat to organizational and personal data security. Awareness and proactive security measures are essential for users to protect themselves against such targeted attacks. Source: CyberSathi.in.

Cybercriminals are exploiting vulnerabilities in pharmacy management systems to gain unauthorized access and obtain free prescription medications. These attacks involve compromising pharmacy networks and databases to manipulate prescription records or dispense medications without legitimate transactions. Such breaches pose serious health risks, enabling controlled substance diversion and creating records of fake prescriptions. Victims may face identity theft and financial fraud. Pharmacies are urged to strengthen cybersecurity measures, implement multi-factor authentication, and maintain regular security audits. Individuals should verify prescriptions with their healthcare providers and monitor pharmacy accounts for suspicious activity. Source: Security Research Publications.