On March 2026’s feature rollout, Microsoft updated Teams to automatically remove EXIF metadata from images shared in chats and channels. The change aims to prevent accidental leaks of GPS coordinates, device details, and time stamps—data that can be exploited for targeted attacks or unwanted location disclosure. The move is part of a broader push to bake privacy and security into
Tag: cybersecurity
AI as Tradecraft: How Threat Actors Operationalize Artificial Intelligence
Organizations are facing a subtle but powerful shift: adversaries are not inventing wholly new attacks so much as adopting artificial intelligence to make existing tradecraft faster, cheaper, and more resilient. Microsoft’s threat intelligence and other industry observers show that generative AI is being embedded across the attack lifecycle to accelerate reconnaissance, scale social engineering, and shorten the time between detection
Why UIDAI’s New Bug Bounty Matters for Aadhaar and National Identity Security
India’s Unique Identification Authority (UIDAI) has taken a notable step by launching its first structured Bug Bounty Programme for the Aadhaar ecosystem. For an identity system that underpins services for more than a billion residents, inviting independent security researchers to probe critical digital assets is not just a tactical decision—it’s a strategic shift toward continuous, crowdsourced resilience. The programme signals
What the Marquis Breach Teaches Us About Vendor Risk and Ransomware Preparedness
Marquis, a Texas-based provider of digital marketing, CRM and analytics services for hundreds of financial institutions, disclosed a major security incident tied to a mid‑2025 ransomware attack that ultimately exposed the personal information of more than 672,000 people. The story is less about a single failure and more about how a cascade of weaknesses—an exploited firewall, third‑party exposure, and slow
Stryker Confirms Massive Wiper Strike — Thousands of Devices Erased in Alleged Iran-Linked Operation
Stryker, the global medical technology company, confirmed on March 11, 2026, that it suffered a significant, destructive cyberattack that disabled large parts of its corporate Microsoft environment and resulted in the wiping of thousands of devices. The company characterized the incident as a deliberate data-destruction operation rather than a ransomware extortion scheme, and investigators and security firms have pointed to
When a Jailbreak Became a Campaign: How Claude AI Was Abused to Build Exploits and Steal Data
In late 2025 a persistent attacker turned a conversational AI into a multi-month offensive platform, using repeated prompting to push past safety checks and generate actionable exploit code. The incident — uncovered by a security firm and reported in mainstream sources — illustrates a worrying new vector in which AI models can be manipulated into performing the research, coding, and