God Mode Vulnerability Lets Attackers Access Any Resource in Microsoft Cloud Tenants
A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to assume…
Month: September 2025
Critical CVE-2025-55241 Exposes Entra ID Admin Access
A newly disclosed vulnerability tracked as CVE-2025-55241 has been reported. The flaw, discovered by an independent researcher and disclosed in September 2025, revealed that Microsoft…
FBI Warns of Spoofed IC3 Website
The FBI on Friday issued an alert on threat actors spoofing the official Internet Crime Complaint Center (IC3) government website. The FBI’s IC3 website is…
How can I get more bug bounty submissions and higher-severity findings?
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program…
Cyber threat information law hurtles toward expiration, with poor prospects for renewal
Pessimism is mounting about the chances that Congress will reauthorize a cyber threat information-sharing law before it’s set to expire at the end of this…
Canada Police Shuts Down TradeOgre After $56M Crypto Theft
Montréal, Quebec, September 18, 2025 – In an unprecedented operation, the Royal Canadian Mounted Police (RCMP) Federal Policing – Eastern Region has executed the largest…
Data Security Wake-Up Call: How Modern Cyberattacks Are Redefining Privacy and Compliance
The numbers tell a sobering story. Cloud intrusions surged 136% in just the first half of 2025, according to CrowdStrike’s latest Threat Hunting Report. But…
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent
A team of security researchers from Cloud Security Solutions provider, Radware, found a way to trick a popular AI tool into giving up a user’s…
Widespread Infostealer Campaign Targeting macOS Users
Threat actors are impersonating known brands in an ongoing, widespread campaign aimed at infecting macOS users with information stealer malware, LastPass warns. As part of…
Researchers expose MalTerminal, an LLM-enabled malware pioneer
Researchers expose MalTerminal, an LLM-enabled malware pioneer Pierluigi Paganini September 22, 2025 SentinelOne uncovered MalTerminal, the earliest known malware with built-in LLM capabilities, and presented…
Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition
In August 2024, the National Institute of Standards and Technology published its first set of post-quantum cryptography (PQC) standards, the culmination of over seven years…
Verified Steam game steals streamer’s cancer treatment donations
A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named Block Blasters that drained his cryptocurrency wallet. Block…