Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

/in

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort.
Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent’s identity lifecycle operations in a

The Hacker News – ​Read More

Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

/in

The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic.

The post Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak appeared first on SecurityWeek.

SecurityWeek – ​Read More

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

/in

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild.
The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this

The Hacker News – ​Read More

My 5 favorite open source operating systems that aren’t Linux

/in

Looking for non-Linux open-source options? From ghosts of past operating systems to fascinating works in progress, here are my top picks.

Latest news – ​Read More

77% of IT managers say their AI agents are out of control – 5 ways to rein in yours

/in

The unchecked proliferation of AI agents is leading to a large volume of unsanctioned AI applications.

Latest news – ​Read More

82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected

/in

LayerX research finds 82 Chrome extensions collecting and selling user data, affecting at least 6.5 million users through disclosed but concerning practices.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

GitHub Copilot shifts to usage-based pricing June 1 – why that’s no surprise

/in

Under the new approach, if you run out of credits, you can’t use the service. GitHub plans to preview the new billing in early May.

Latest news – ​Read More

This LG portable projector comes with a free soundbar – and we highly recommend it

/in

The CineBeam Q is a high-quality portable projector, and with this deal and a free LG S40T soundbar, you can make it a permanent addition to your home theater.

Latest news – ​Read More

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

/in

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom “Snow” malware in a multipronged campaign.

darkreading – ​Read More

Tennessee becomes second state to ban cryptocurrency ATMs over scam concerns

/in

State officials said they observed overseas criminals carrying out government impersonation or tech support cons, as well as romance and pig butchering scams using cryptocurrency ATMs.

The Record from Recorded Future News – ​Read More