[German]Another failure in the field of AI agents. The developers of the Brave browser have revealed a vulnerability in the Perplexity Comet browser. Using prompt injection, it would be possible to retrieve sensitive information from the agent and instruct the agent to place fake orders on behalf of the user. This introduces a new phalanx of security risks, and AI providers have zero protective measures in place against it.
[German]Data I/O, a provider of data programming for flash memory, microcontrollers, and logic, has been the victim of a ransomware attack. The attack, which took place on August 16, 2025, has affected production. Data I/O's customers include many German companies as well as Amazon, Microsoft, and others.
[German]Microsoft is investigating an issue with Exchange Online that causes emails to not sync with Outlook for 12 hours. This affects users of mobile devices where the Outlook client uses Hybrid Modern Authentication (HMA). Email access issues may then occur in Outlook.
[German]Many users manage their passwords in password managers. Security researchers took a closer look at 11 popular extensions (1Password, LastPass, iCloud, and others). These were identified as vulnerable, putting login details, 2FA codes, and credit card data at risk.
Continue reading
[German]Some companies subject their employees to internal phishing training involving simulated attacks. A study has now shown that these phishing simulations are largely useless. But even secure email gateways cannot stop phishing emails.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On August 14, 2025, Oracle's developers released Virtualbox version 7.2. This version is a maintenance update for bug fixes.
Continue reading
[German]Anyone who believed that Microsoft's Recall was at the forefront of surveillance needs to think again. Security researchers have discovered the FreeVPN.One extension for the Google Chrome browser. This extension took screenshots of all visited pages and collected additional data. The extension has now been removed from the Google Chrome Store.
[German]Another small finding from the Internet that may be helpful for administrators who work with AppLocker in corporate environments to set application restrictions. The AppLocker Policy Generator promises to support system administrators and security experts in creating and managing AppLocker policies.
[German]Teir China connections seem to have once again "come back to haunt" at Microsoft. I have come across reports that Microsoft no longer grants security researchers from China early access to zero-day vulnerabilities or proof-of-concept (PoC) exploits. The SharePoint incident involving hacks by Chinese groups casts a shadow over the future.
[German]A brief update from this week: On August 20, 2025, Apple released updates for iOS and iPadOS that address critical vulnerabilities in the operating systems. Here is some information.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
