Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Latest News

Phishing Campaign Targets Marketing Professionals Using Fake Job Interviews from Top Global Brands

  A sophisticated phishing campaign is targeting marketing professionals by posing as recruiters from more than 30 globally recognized bran...

All the recent news you need to know

Mount Royal University says hackers stole and deleted files following June cyberattack





Mount Royal University (MRU) has confirmed that threat actors stole data and deleted files after breaching the university's network in a cyberattack that continues to affect recovery efforts weeks after the incident.

In an update published on its website, the Calgary-based public university said the attack occurred on June 17 and that internal technical teams are working alongside external cybersecurity specialists to investigate the intrusion, determine its full scope, and restore affected systems.

The cyberattack disrupted a wide range of university services, including internet connectivity, online platforms, and several internal systems used across campus. Recovery efforts remain ongoing, with the university warning that restoring all affected services may take several weeks or, in some cases, months.

According to the university's investigation, attackers gained unauthorized access to data stored on the institution's "H drive," a file storage system used by students and employees. Investigators have confirmed that files stored within certain folders were accessed and exfiltrated before the attackers deleted the original copies, a move that has further complicated recovery operations.

"We regret to inform our community that our investigation has now shown that data within certain folders on the University's 'H drive' was accessed and taken by an unauthorized actor," the university said in its advisory.

MRU said the affected folders contained information relating to current and former students, current and former employees, as well as other individuals whose data was stored within the impacted environment. The university has not yet disclosed the exact categories of information exposed or the total number of people affected.

The investigation also found that attackers deleted data stored on a separate departmental file storage system known as the "J drive." While the university said there is currently no evidence that information from the J drive was accessed or copied before it was erased, officials cautioned that recovering the deleted data remains an ongoing process and acknowledged that a complete restoration may not be possible.

The university has reported the incident to the Alberta Information and Privacy Commissioner and notified law enforcement authorities. Officials added that determining the precise impact for each affected individual will take time because the deletion of files has made forensic analysis more complex. Individuals whose information is confirmed to have been affected will receive direct notifications as the investigation progresses.

Responsibility for the attack has been claimed by the cybercrime group CMD Organization, which has published samples of what it alleges is stolen university data, including passport scans and other sensitive documents.

The group is demanding a ransom of 30 Bitcoin, valued at approximately $1.9 million at current exchange rates, and has reportedly given the university six days to respond before releasing additional data. CMD Organization also appears to operate an auction-based extortion model, advertising exclusive access to stolen datasets for the highest bidder through both clear web and dark web leak sites. At the time of writing, the group lists approximately 30 organizations on its extortion portal.

Founded more than a century ago, Mount Royal University currently serves about 11,560 students, including roughly 12,500 undergraduate learners.

As recovery work continues, the university said it will provide additional updates as more information becomes available. MRU is also offering two years of credit monitoring and identity theft protection to current employees and individuals who have worked at the university within the past five years.

AI Agent Executes End-to-End Ransomware Attack Without Human Intervention, Researchers Say

 

Cybersecurity researchers have uncovered what they believe is the first ransomware attack conducted by an autonomous artificial intelligence agent which they named JADEPUFFER. It is notable because the AI performed all stages of the attack, from targeting and compromising the system to installing and using ransomware, without requiring any human input. 

The researchers noted that JADEPUFFER targeted a vulnerability in the open-source application Langflow which was used to design and build various AI applications and tools. The vulnerability was already patched but many internet-facing instances of the application remained unpatching, giving the AI agent an entry point. Many such instances host API keys, cloud service credentials, and database tokens, making them an attractive target for bad actors.

After compromising the target, the AI agent began scanning the system for any valuable information, including cloud service credentials, wallet addresses, API keys, and database passwords. It also located a storage server which had default administrator credentials. Researchers noted that JADEPUFFER used this server as a foothold to pivot to other systems on the network. 

The AI agent managed to establish persistence on the compromised system by implanting a backdoor which sent out requests to a remote command and control server. It then lateraled to the production database server and used the administrative privileges to exploit another vulnerability in the system configuration service. 

It then created its own administration account in the server using a default signing key and altered other configurations in the system. JADEPUFFER proceeded to encrypt over 1300 configuration entries, deleting them before encrypting more data and displaying a ransom note demanding payment in Bitcoins. However, the researchers noted that the ransomware used a randomly generated encryption key which was only viewable once. 

In addition, the ransomware did not store or transmit the decryption key in any way, meaning that the victims would be unable to recover their data even if they paid the ransom. In addition to encrypting data, JADEPUFFER also deleted several databases after claiming that it had backed up the data elsewhere. However, researchers at Sysdig found no evidence that the data had been successfully backed up or transferred. This indicated that the attackers might have been trying to extort more money from the victims, potentially by threatening to delete all data or hinder recovery efforts. 

The researchers concluded that the ransomware attack was performed by an artificial intelligence due to the nature of certain observed behaviors. They noted that most of the ransomware’s behaviors were documented in natural language within the malware’s code, a practice common in many large language models. Additionally, the AI was able to resolve some of its own errors, such as failed authentication attempts, without requiring human intervention. The researchers estimated that over 600 discrete actions had been taken by the AI during the attack. 

The researchers added that while many of the techniques used by JADEPUFFER had been seen in other ransomware attacks, the fact that an autonomous AI agent had been able to use them in succession to launch a major ransomware attack was notable. They believe that such an attack has significant implications for the future of ransomware attacks, as it reduces the level of expertise needed to launch such an attack and allows attacks to occur at a much faster rate than would otherwise be possible. 

The researchers recommended that organizations reduce the risk of falling victim to similar attacks by ensuring that all software is updated to the latest versions, keeping administration systems offline when possible, protecting cloud service credentials, and monitoring systems for signs of unauthorized automated activity. Sysdig noted that JADEPUFFER was a warning about the potential threat posed by agentic AI ransomware in the future as the technology becomes more advanced.

Fake Paysafe and Skrill SDKs on npm and PyPI Steal Developer Credentials

 

A coordinated supply-chain attack has compromised developers by distributing 17 malicious packages on npm and PyPI that impersonate legitimate SDKs for Paysafe, Skrill, and Neteller payment services. These packages were designed to silently exfiltrate sensitive credentials, including API keys, AWS tokens, GitHub secrets, and npm tokens, to a command-and-control server hosted on Amazon Web Services. 

The threat actor published these fake SDKs with names closely resembling official payment integration libraries, such as paysafe-checkout, skrill-payments, and paysafe-api. While the packages expose expected APIs and return fake success responses to avoid detection, their real purpose is credential theft. The embedded malware scans the compromised environment for secrets and exfiltrates them to the attacker's server. 

Security researchers at Socket identified 13 malicious npm packages and four PyPI packages in this campaign. The npm packages were released in four versions (1.0.0 to 1.0.3), while the PyPI packages had only one malicious version (1.0.0). The full list includes well-known names like paysafe-js, paysafe-fraud, skrill-sdk, neteller, and paysafe-kyc. Developers who installed any of these packages risked having their secrets stolen, especially if they were working on payment integration projects for these services. The data theft module in the npm packages attempts exfiltration only if a Paysafe API key is present and activates when the fake SDK is called. The PyPI packages automatically activate the data theft routine upon initialization and do not require a Paysafe API key to be present at all. 

The malware incorporates basic anti-analysis features to avoid detection in sandboxed or virtualized environments. For instance, it halts execution if it detects fewer than two CPU cores or if the hostname or username suggests a virtual machine. To detect potential compromise, organizations should search their dependency trees for the listed package names and scan CI/CD logs for PAYSAFE_API_KEY in combination with these packages. Denying requests for these packages at the registry proxy level is also recommended to prevent accidental installation. If any of the listed packages were installed, developers are recommended to immediately rotate all secrets on any machine that imported or executed this package. 

The researchers also advise searching dependency trees for the package names used in the campaign and deny any requests for them at the registry proxy level. It is also recommended to look in the logs of Continuous Integration (CI) systems for PAYSAFE_API_KEY in combination with any of the listed package names. Additionally, teams should audit their project dependencies and CI/CD pipelines to ensure no traces of these malicious packages remain. Staying vigilant and verifying package sources before installation remains crucial to avoiding similar supply-chain attacks in the future. This incident highlights the growing sophistication of attackers targeting open-source repositories and the critical need for robust software supply-chain security practices. 

Developers must remain cautious when integrating third-party libraries into their projects, especially those related to financial services and payment processing. The use of automated dependency scanning tools and regular security audits can help identify and mitigate risks associated with malicious packages. Furthermore, organizations should implement strict access controls and monitoring for their CI/CD environments to detect and respond to potential credential theft attempts quickly. By adopting a proactive security posture and staying informed about emerging threats, the developer community can better protect itself against evolving supply-chain attacks.

Rogue Agent Bug Could Have Let Attackers Hack AI Conversations


A critical vulnerability in Google’s Dialogflow could have let a hacker exploit other Code-Block-enabled agents via one Code Block-power agent, in one Google Cloud project.

After this, the attacker could read chats, steal user data, and command bots to send hacker-written texts such as re-entering a password.

Discovery of the bug

Cyber security firm Varonis discovered the tactic and called it ‘Rogue Agent.’ The bug impacted only businesses that make agents with custom Code Blocks and Dialogflow’s Playbooks, which allows hackers to add their own Python. The attack was not remote, or unauthorized.

For the attack to happen, it required the dialogflow.playbooks.update green light one such agent, which restricts the hacker to an infected insider or a breached developer account, not some stranger on the web. From that point, the reach extended to every agent inside the project.

Google has patched the bug, and Varonis and Google have said there are no signs that the flaw was deployed in a real attack or campaign.

Single writable file prompted each agent Code Blocks

Dialogflow’s Code Blocks allows developers to add custom Python to a chatbot’s flow to test input, invoke defined tools, and control behavior. 

The code runs within a Google-operated Cloud Run environment, and every agent that uses Code Blocks in the similar Google Cloud project shares one incident of it. The customer cannot control or see the environment that Google runs, meanwhile Varonis discovered no real separation between the agents within it.

Attack tactic

When the agent runs a Code Block, the code is added to internal setup code and sent to Python’s exec()function. The functions and variables that block can touch are defined by the setup. 

Functions consist(), which makes the bot reply with a given string, whereas variables consist of a history of full chats and state for session information such as the session ID.

Varonis discovered code_execution_env.py, the file that does this wrapping, lying in the shared environment with write access. 

As the file was writable, a single Code Block could change it. The block downloads an altered code_execution_env.py from a threat actor-controlled server and overwrites the original within the running container.

After that, the attacker’s variant commands every Code Block deployment throughout every agent that shares the environment. The attacker’s code sits in the same place as the real code, with similar access to respond(), state, and history, 

Accenture Confirms Cyber Breach as Hacker Lists Alleged Company Data


 

Accenture, a global IT services firm, has confirmed experiencing a cybersecurity breach as a threat actor claimed to have stolen company data and was offering it for sale on a cybercrime forum. The breach claim was made in relation to the dataset which was offered for sale on July 6 on a cybercrime forum for the cryptocurrency Monero (XMR).

According to the listing, the stolen documents originated from Accenture's internal environment, and were described as an "Accenture Data Breach." A threat actor claiming to be "888" reported that in July 2026, more than 35 gigabytes of data were exfiltrated from Accenture's systems. This confirmation follows the allegations by the threat actor. It is possible that the exposed source code and cloud credentials could pose broader security risks if they are authentic, giving unauthorized access to development environments, cloud infrastructures, or software repositories. 

However, no public evidence is available to indicate whether the alleged credentials remain valid or have been misused. An Azure DevOps repository associated with an Accenture domain has been claimed to be accessed by the threat actor, according to a screenshot that the threat actor has published to support this claim. However, the extent and authenticity of the alleged data have not been independently verified. 

Accenture confirmed the security incident, but did not verify the threat actor's claims regarding the reported 35 gigabytes of stolen data or the alleged content of the dataset. Additionally, the company has not disclosed how the attackers gained access, whether any customer information was compromised, or whether any of the credentials exposed remain active.

In addition, Accenture declined to disclose how the attackers gained access to the company or whether customer information had been compromised. This incident follows prior claims of cybersecurity breaches involving Accenture. The same threat actor claimed in 2024 that employee data had been compromised as a result of a third-party breach. 

Accenture later dispute the scale of these claims, stating its review revealed that only limited employee information had been discovered and no evidence of compromises to its own systems or customer environments. It was also targeted by the LockBit ransomware group in 2021. Earlier, in 2021, the company announced a breach following a LockBit ransomware attack. 

Cybercriminals are increasingly using underground marketplaces to monetize stolen corporate data, which highlights the continued risks organizations face from credential theft and source code exposure. Additional information regarding the extent of the breach and potential consequences for customers remains unknown as investigations continue.

Investigations are ongoing, but it remains unclear what the full scope of the incident is. Accenture has confirmed that a security breach occurred but has stated that operations remain unaffected. However, questions remain regarding the authenticity of the alleged dataset, the means by which the data was compromised, and any potential impacts on customers.

Microsoft 365 Users Targeted in New Device Code Phishing Campaign

 



Cybersecurity researchers have revealed a phishing campaign that is exploiting Microsoft's legitimate device authentication process to seize control of Microsoft 365 accounts, reflecting a broader shift in how cybercriminals are conducting identity-focused attacks. Rather than stealing passwords through counterfeit login pages, the operation manipulates victims into completing a genuine Microsoft authentication process, allowing attackers to obtain valid authentication tokens that grant direct access to compromised accounts.

The campaign, tracked by email security firm ZeroBEC, was observed between the final week of June and early July 2026. Investigators found that the attackers relied on collaboration-themed phishing lures that directed recipients to Microsoft's authentic device login experience instead of fraudulent credential harvesting websites. Behind the scenes, a backend broker generated Microsoft device authentication codes and continuously polled the authentication process until victims completed the sign-in sequence, enabling the attackers to capture valid authentication tokens without ever collecting passwords.

Researchers noted that the activity closely resembles techniques previously documented by Microsoft in its investigation of the threat cluster known as Storm-2372. That campaign, first disclosed in February 2025, used fake Microsoft Teams invitations and messaging-themed social engineering to persuade victims to enter attacker-generated device codes. Once authentication was completed, the attackers received valid access tokens that allowed them to take over Microsoft 365 accounts. Microsoft said Storm-2372 had targeted organizations across government, defense, healthcare, telecommunications, higher education, information technology, energy, and non-governmental sectors spanning Europe, North America, Africa, and the Middle East. The company also stated that the attacks abused legitimate authentication functionality rather than exploiting vulnerabilities in Microsoft products.

Although the latest campaign mirrors many of Storm-2372's tactics, ZeroBEC believes the operation is powered by a reusable phishing framework called DEBULL rather than the original threat actor itself. The researchers concluded that techniques once associated with advanced threat groups are now being packaged into reusable infrastructure that enables multiple operators to launch similar attacks with far less effort. This evolution reflects the continuing commercialization of identity-focused phishing operations, where sophisticated attack methods are increasingly offered through phishing-as-a-service platforms instead of being developed independently by individual threat actors.

At the center of the campaign is device code phishing, an attack technique that abuses the OAuth 2.0 Device Authorization Grant, a legitimate authentication mechanism designed for devices that cannot easily support traditional browser-based sign-ins. The workflow is commonly used by devices such as smart televisions, printers, conference room equipment, and other systems with limited input capabilities. Instead of entering credentials directly on those devices, users receive a short verification code that must be entered on another device through Microsoft's official authentication portal to complete the login process.

Threat actors exploit the separation between the device requesting authentication and the browser used to authorize it. Rather than creating counterfeit Microsoft login pages, attackers initiate their own device authentication session, obtain a legitimate verification code from Microsoft, and deliver that code to victims through convincing phishing emails. When recipients unknowingly enter the supplied code into Microsoft's authentic login page and complete the sign-in process, they authorize the attackers' session instead of their own, handing over valid authentication tokens that can be used to access Microsoft 365 resources. Because the victim is interacting with a genuine Microsoft service, traditional indicators of phishing, such as suspicious URLs or fake login portals, are largely absent.

Security researchers have increasingly warned that device code phishing represents a natural evolution of identity attacks. As organizations strengthened defenses against conventional credential phishing and adversary-in-the-middle attacks, threat actors shifted toward abusing trusted authentication workflows that require no password theft and can effectively circumvent multi-factor authentication protections by obtaining legitimate session tokens directly from users. Proofpoint recently reported a sharp increase in device code phishing activity during 2026, attributing the growth to publicly available criminal toolkits and the rapid expansion of phishing-as-a-service platforms that have made these techniques accessible to a wider range of cybercriminals.

Featured