Mount Royal University (MRU) has confirmed that threat actors stole data and deleted files after breaching the university's network in a cyberattack that continues to affect recovery efforts weeks after the incident.
In an update published on its website, the Calgary-based public university said the attack occurred on June 17 and that internal technical teams are working alongside external cybersecurity specialists to investigate the intrusion, determine its full scope, and restore affected systems.
The cyberattack disrupted a wide range of university services, including internet connectivity, online platforms, and several internal systems used across campus. Recovery efforts remain ongoing, with the university warning that restoring all affected services may take several weeks or, in some cases, months.
According to the university's investigation, attackers gained unauthorized access to data stored on the institution's "H drive," a file storage system used by students and employees. Investigators have confirmed that files stored within certain folders were accessed and exfiltrated before the attackers deleted the original copies, a move that has further complicated recovery operations.
"We regret to inform our community that our investigation has now shown that data within certain folders on the University's 'H drive' was accessed and taken by an unauthorized actor," the university said in its advisory.
MRU said the affected folders contained information relating to current and former students, current and former employees, as well as other individuals whose data was stored within the impacted environment. The university has not yet disclosed the exact categories of information exposed or the total number of people affected.
The investigation also found that attackers deleted data stored on a separate departmental file storage system known as the "J drive." While the university said there is currently no evidence that information from the J drive was accessed or copied before it was erased, officials cautioned that recovering the deleted data remains an ongoing process and acknowledged that a complete restoration may not be possible.
The university has reported the incident to the Alberta Information and Privacy Commissioner and notified law enforcement authorities. Officials added that determining the precise impact for each affected individual will take time because the deletion of files has made forensic analysis more complex. Individuals whose information is confirmed to have been affected will receive direct notifications as the investigation progresses.
Responsibility for the attack has been claimed by the cybercrime group CMD Organization, which has published samples of what it alleges is stolen university data, including passport scans and other sensitive documents.
The group is demanding a ransom of 30 Bitcoin, valued at approximately $1.9 million at current exchange rates, and has reportedly given the university six days to respond before releasing additional data. CMD Organization also appears to operate an auction-based extortion model, advertising exclusive access to stolen datasets for the highest bidder through both clear web and dark web leak sites. At the time of writing, the group lists approximately 30 organizations on its extortion portal.
Founded more than a century ago, Mount Royal University currently serves about 11,560 students, including roughly 12,500 undergraduate learners.
As recovery work continues, the university said it will provide additional updates as more information becomes available. MRU is also offering two years of credit monitoring and identity theft protection to current employees and individuals who have worked at the university within the past five years.
After this, the attacker could read chats, steal user data, and command bots to send hacker-written texts such as re-entering a password.
Cyber security firm Varonis discovered the tactic and called it ‘Rogue Agent.’ The bug impacted only businesses that make agents with custom Code Blocks and Dialogflow’s Playbooks, which allows hackers to add their own Python. The attack was not remote, or unauthorized.
For the attack to happen, it required the dialogflow.playbooks.update green light one such agent, which restricts the hacker to an infected insider or a breached developer account, not some stranger on the web. From that point, the reach extended to every agent inside the project.
Google has patched the bug, and Varonis and Google have said there are no signs that the flaw was deployed in a real attack or campaign.
Dialogflow’s Code Blocks allows developers to add custom Python to a chatbot’s flow to test input, invoke defined tools, and control behavior.
The code runs within a Google-operated Cloud Run environment, and every agent that uses Code Blocks in the similar Google Cloud project shares one incident of it. The customer cannot control or see the environment that Google runs, meanwhile Varonis discovered no real separation between the agents within it.
When the agent runs a Code Block, the code is added to internal setup code and sent to Python’s exec()function. The functions and variables that block can touch are defined by the setup.
Functions consist(), which makes the bot reply with a given string, whereas variables consist of a history of full chats and state for session information such as the session ID.
Varonis discovered code_execution_env.py, the file that does this wrapping, lying in the shared environment with write access.
As the file was writable, a single Code Block could change it. The block downloads an altered code_execution_env.py from a threat actor-controlled server and overwrites the original within the running container.
After that, the attacker’s variant commands every Code Block deployment throughout every agent that shares the environment. The attacker’s code sits in the same place as the real code, with similar access to respond(), state, and history,
Cybersecurity researchers have revealed a phishing campaign that is exploiting Microsoft's legitimate device authentication process to seize control of Microsoft 365 accounts, reflecting a broader shift in how cybercriminals are conducting identity-focused attacks. Rather than stealing passwords through counterfeit login pages, the operation manipulates victims into completing a genuine Microsoft authentication process, allowing attackers to obtain valid authentication tokens that grant direct access to compromised accounts.
The campaign, tracked by email security firm ZeroBEC, was observed between the final week of June and early July 2026. Investigators found that the attackers relied on collaboration-themed phishing lures that directed recipients to Microsoft's authentic device login experience instead of fraudulent credential harvesting websites. Behind the scenes, a backend broker generated Microsoft device authentication codes and continuously polled the authentication process until victims completed the sign-in sequence, enabling the attackers to capture valid authentication tokens without ever collecting passwords.
Researchers noted that the activity closely resembles techniques previously documented by Microsoft in its investigation of the threat cluster known as Storm-2372. That campaign, first disclosed in February 2025, used fake Microsoft Teams invitations and messaging-themed social engineering to persuade victims to enter attacker-generated device codes. Once authentication was completed, the attackers received valid access tokens that allowed them to take over Microsoft 365 accounts. Microsoft said Storm-2372 had targeted organizations across government, defense, healthcare, telecommunications, higher education, information technology, energy, and non-governmental sectors spanning Europe, North America, Africa, and the Middle East. The company also stated that the attacks abused legitimate authentication functionality rather than exploiting vulnerabilities in Microsoft products.
Although the latest campaign mirrors many of Storm-2372's tactics, ZeroBEC believes the operation is powered by a reusable phishing framework called DEBULL rather than the original threat actor itself. The researchers concluded that techniques once associated with advanced threat groups are now being packaged into reusable infrastructure that enables multiple operators to launch similar attacks with far less effort. This evolution reflects the continuing commercialization of identity-focused phishing operations, where sophisticated attack methods are increasingly offered through phishing-as-a-service platforms instead of being developed independently by individual threat actors.
At the center of the campaign is device code phishing, an attack technique that abuses the OAuth 2.0 Device Authorization Grant, a legitimate authentication mechanism designed for devices that cannot easily support traditional browser-based sign-ins. The workflow is commonly used by devices such as smart televisions, printers, conference room equipment, and other systems with limited input capabilities. Instead of entering credentials directly on those devices, users receive a short verification code that must be entered on another device through Microsoft's official authentication portal to complete the login process.
Threat actors exploit the separation between the device requesting authentication and the browser used to authorize it. Rather than creating counterfeit Microsoft login pages, attackers initiate their own device authentication session, obtain a legitimate verification code from Microsoft, and deliver that code to victims through convincing phishing emails. When recipients unknowingly enter the supplied code into Microsoft's authentic login page and complete the sign-in process, they authorize the attackers' session instead of their own, handing over valid authentication tokens that can be used to access Microsoft 365 resources. Because the victim is interacting with a genuine Microsoft service, traditional indicators of phishing, such as suspicious URLs or fake login portals, are largely absent.
Security researchers have increasingly warned that device code phishing represents a natural evolution of identity attacks. As organizations strengthened defenses against conventional credential phishing and adversary-in-the-middle attacks, threat actors shifted toward abusing trusted authentication workflows that require no password theft and can effectively circumvent multi-factor authentication protections by obtaining legitimate session tokens directly from users. Proofpoint recently reported a sharp increase in device code phishing activity during 2026, attributing the growth to publicly available criminal toolkits and the rapid expansion of phishing-as-a-service platforms that have made these techniques accessible to a wider range of cybercriminals.
A CVSS score of 9.5 may not be significant to a CFO, but when it demonstrates a flaw in a payment system processing $2 million, it becomes a big deal. Therefore, the data must be linked with information about operational barriers that can result in financial damages, product delays, or loop in regulatory agencies.
Periodic risk lifecycle cannot keep up with the changing threat scenario, which if further impacted by an unstable geopolitical environment and rising technology like AI and quantum computing. Thus, information risk assessment must be a continuous process that links threats, supervising controls, and the possible repercussions for the business if the controls fail.
Different risks carry different impacts, stakeholder needs, and available data. This means that analysis also changes. You need two analysis tracks for this: qualitative analysis for quick decisions with limited data, and quantitative analysis for investment decisions when they need financial backing.
The IRAM3 methodology unifies both tracks into a single framework that uses the same process and is built to be modular, so businesses can gain entry at any desirable phase they think fits their demands.
A linked risk lifecycle changes how businesses perceive organization threats. It also helps to keep activities such as interpreting threats, evaluating controls, and measuring exposure connected instead of treating each analysis as an isolated process.
Linked assets must be grouped by the business function they assist. This lets the teams conduct risk analysis that connect how the organization actually works and also helps in defining the risk appetite.
In this step, you identify the risks to your business, map related threats to critical assets, and predict how likely they will materialize. According to Security Week, “From a quantitative standpoint, a three-point frequency estimate—minimum, most likely, and maximum—is assigned instead of a rating. The number of loss events you would anticipate in a year is represented by this estimate.”
Testing control success
A business might have a MFA coverage, but if privileged accounts are not included as allowing MFA disrupted a legacy integration, the gap is a direct pathway into critical systems. Thus, these controls should be carefully mapped to particular threats, checked for implementation, and analyzed if they actually reduce risk.
BeyondTrust has released security updates to remediate four vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) solutions, including two Critical authentication bypass flaws that could allow attackers to gain unauthorized access to vulnerable appliances under specific deployment configurations. The products are commonly used by organizations to deliver remote technical support and manage privileged access to enterprise systems, making them attractive targets because they often provide administrative access to critical IT environments.
The most severe issues originate within the products' authentication mechanisms, which verify user identities before granting access. Because the vulnerabilities can be triggered before the authentication process is completed, successful exploitation may allow attackers to bypass an important security control without first supplying valid credentials.
One of the Critical vulnerabilities, tracked as CVE-2026-40138, carries a CVSS score of 9.2 and affects both BeyondTrust Remote Support and Privileged Remote Access. According to the advisory, the flaw stems from improper validation of authentication data within the authentication subsystem. Under specific authentication configurations, a network-positioned attacker could bypass access controls and obtain unauthorized access to the appliance, including accounts with elevated privileges.
BeyondTrust also addressed CVE-2026-40139, another Critical vulnerability assigned a CVSS score of 9.2 that impacts Remote Support. The issue results from improper processing of authentication requests and could enable an unauthenticated remote attacker to circumvent authentication controls and gain unauthorized access to affected appliances, including privileged accounts. Similar to CVE-2026-40138, exploitation depends on a particular authentication configuration being enabled, meaning the exposure varies according to how affected environments are deployed.
In addition to the authentication bypass flaws, the company disclosed CVE-2026-40140, a High-severity vulnerability with a CVSS score of 8.7 affecting the network communication subsystem. The issue arises from insufficient validation of client-supplied input and could allow an unauthenticated remote attacker to trigger a denial-of-service (DoS) condition, disrupting the availability of vulnerable appliances rather than providing direct access to them.
The fourth vulnerability, CVE-2026-40141, received a CVSS score of 8.5 and affects web application components within both Remote Support and Privileged Remote Access. Caused by inadequate validation of user-supplied input, the flaw could enable an authenticated user with limited privileges to access resources or information beyond their intended authorization. BeyondTrust noted that exploitation of this vulnerability is limited to accounts that already possess specific permissions.
The company said the vulnerabilities were identified during ongoing internal security assessments with assistance from publicly available artificial intelligence models, including Anthropic Claude Opus 4.8, alongside BeyondTrust's proprietary security research tooling. The use of AI-supported analysis reflects a growing trend of incorporating large language models into vulnerability research to assist security teams in identifying potential weaknesses alongside conventional testing techniques.
According to BeyondTrust, the most severe vulnerabilities could allow authentication bypass and unauthorized access when affected systems are configured in specific ways. The remaining flaws could result in service disruption, unintended access to data, or expanded privileges for authenticated users under defined conditions, potentially affecting the confidentiality, availability, and integrity of vulnerable systems.
The vulnerabilities have been resolved in Remote Support version 25.3.3 and later and Privileged Remote Access version 25.3.3 and later. Organizations running version 25.3.2 or earlier of either product are advised to upgrade to the latest available release to mitigate the disclosed risks.
BeyondTrust stated that it has not observed evidence of the newly disclosed vulnerabilities being exploited in the wild. Nevertheless, the company noted that its Remote Support and Privileged Remote Access products have previously been targeted by threat actors. Earlier vulnerabilities, including CVE-2024-12356 and CVE-2026-1731, were exploited to deploy web shells and backdoors on compromised appliances, demonstrating the continued interest of attackers in enterprise remote access infrastructure. Given that history and the privileged role these products play within enterprise environments, organizations are encouraged to apply the available security updates promptly to reduce their exposure to potential attacks.
The announcement came after Flipper decided on building new devices such as Flipper One open Linux platform, where the organization shifted to the community’s help to finish development.
Besides this, Flipper also launched a Buy Bar device for people with Attention Deficit Hyperactivity Disorder (ADHD) to reduce interruptions, which will be open for sale on July 14 in the US, U.K, Canada, and Europe.
Flipper Devices said that the genuine firmware for the Flipper Zero portable pen-testing device will still continue, but full-time feature production ends now.
The first major stable release- Flipper Zero Firmware 1.0, was announced in September last year, after three years of development. The latest stable launch is variant 1.4.3, out since December last year.
By then, the company felt that the firmware was matured, with APIs and a stable SDK and all features implemented safely.
Recently, the team hinted that firmware development was shut down, resulting in strong backlash from people. “We've seen the strong reaction from the community over the idea that we've stopped developing the Flipper Zero firmware,” Flipper said in a blog post. "We want to address this and let you know that we've heard all your feedback and have decided to rethink our approach to maintaining the project and engaging with the community," Flipper added.
To address the concerns, Flipper has made a new technique for the project that depends on closer communication with supporters to keep firmware development in process.
The project will continue with a few resources and in a new way to communicate with the community, such as:
“We're moving all requests from the Flipper Zero community to GitHub Discussions. Now you can 🤚 vote for feature requests that really matter, so we can see what the community actually wants and prioritize them,” Flipper said.