Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Olymp Loader is a Malware-as-a-Service (MaaS) advertised on underground forums and Telegram since June 5, 2025. The seller, “OLYMPO”, presents Olymp Loader as fully written in assembly language and frequently markets it as FUD (Fully UnDetectable). Despite its recent appearance, many underground forum users have already posted positive reviews.

Microsoft operates under the Shared Responsibility Model. This means that certain areas of security tasks are your duties, as a customer, and some are the cloud provider’s while others may be a shared responsibility. Most importantly, Microsoft is responsible for its global infrastructure, including each data center and the uptime of the Microsoft 365 service. Your responsibility as the user is to manage and protect your customer data within the Microsoft ecosystem.

“AI is just automation by a different name.” It’s a bold claim—but one that Brandon Heller, CTO and co-founder of Forward Networks, and Howard Holton, CEO of GigaOm, unpack in a way that will make you think. In their recent conversation on Discovering Disruptions in Tech, they make the case that artificial intelligence, especially generative AI, is not delivering brand-new capabilities.

Over the past decade, data has evolved from being an operational byproduct to becoming one of the most valuable assets of any business. The explosion of IoT devices, cloud applications, and AI-driven systems has generated unprecedented volumes of personal and non-personal data. Alongside this growth, regulations in the EU have progressed in step.

Phishing is not new. But SpamGPT has changed the game by showing how AI can industrialize deception at scale. SpamGPT has quickly become the poster child for how attackers are using AI to industrialize old tricks. At its core, SpamGPT isn’t introducing a new kind of attack; it’s simply making phishing faster, cheaper, and more convincing. Phishing has always been about deception. But with AI generating endless, polished, and context-aware lures, the balance of power shifts.

Researchers at Varonis warn of a new phishing automation platform called “SpamGPT” that “combines the power of generative AI with a full suite of email campaign tools.” While previous phishing kits have automated parts of the attack chain, SpamGPT’s sophistication sets it apart from the rest “SpamGPT’s interface and features imitate a professional email marketing service, but for illegal purposes,” Varonis writes.

Attackers are abusing AI-powered development platforms like Lovable, Netlify and Vercel to create and host captcha challenge websites as part of phishing campaigns, according to researchers at Trend Micro. “Since January, Trend Micro has observed a rise in fake captcha pages hosted on such platforms,” the researchers write.

CrowdStrike has been named an innovation and growth leader in the 2025 Frost Radar: Cloud Workload Protection Platforms, positioned highest on the Innovation Index among all vendors evaluated. This marks another milestone in our mission to stop breaches with the industry's most unified and comprehensive cloud security solution.

The French luxury conglomerate, Kering, recently confirmed a data breach affecting millions of customers. As a Paris-based luxury group, it has a portfolio of houses in fashion and jewelry. Some of its stable brands include Alexander McQueen, Balenciaga, and Gucci. The cybercriminal group, ShinyHunters, claimed responsibility for the attack. Unlike traditional ransomware groups, which would encrypt the data, they usually monetize by extortion to sell the information on secret forums.

Public sector organizations face unprecedented cybersecurity challenges as artificial intelligence reshapes how adversaries launch attacks. Threat actors now use AI to execute large-scale, highly personalized phishing campaigns, automate the discovery of vulnerabilities, and evade detection faster than traditional defenses can respond.