A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 (M365) Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been

[Read the rest of this article...]

An old Capitol Hill troublemaker is trying to clinch a megabill deal  Politico

[Read the rest of this article...]

Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world when it comes to Non-human identities also referred to as machine identities. GitGuardian’s end-to-end NHI security platform is here to close the gap. Enterprises are Losing Track of Their Machine Identities Machine identities–service

[Read the rest of this article...]

1. Will the US get drawn into the Israel-Iran war?  vox.com
2. Trump warns Iran to agree to a deal ‘before there is nothing left’  CNN
3. Trump pledged peace but is now embroiled in new Israel-Iran conflict  The Washington Post
4. What Trump Knew About the Attack Against Iran  The Atlantic
5. Opinion | Will Trump Show Restraint in the Middle East?  The New York Times

[Read the rest of this article...]

ConnectWise has disclosed that it's planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it's doing so "due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.

[Read the rest of this article...]