Microsoft addressed the critical vulnerability earlier this month, but had to issue an emergency update to resolve issues it previously missed.

The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem.

Phantom Taurus has stolen sensitive data from ministries of foreign affairs, embassies, diplomats and telecom networks in the Middle East, Africa and Asia, researchers said.

Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.

Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims.

Unit 42 said social engineering — the method of choice for groups as diverse as Scattered Spider and North Korean tech workers — was the top initial…

The deal is a further example of tech market consolidation and positioning to guard against threats to enterprise AI systems.

Attackers have already used the exploit dubbed “ToolShell” to intrude hundreds of organizations globally, including private companies and government agencies.

Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.

The letter to Senate Homeland Security and Governmental Affairs Committee leaders comes shortly before they consider his nomination.