The TrojPix technique, developed by Shandong University researchers, exploits the video cable to radiate faint radio signals that can be captured by a nearby receiver.
The incident, detailed in a case study by Ransom-ISAC, involved Kairos gaining access to a U.S. government entity's network, reportedly through a brute-force credential attack.
A security researcher, operating under the pseudonym "Srikanth L" and affiliated with CashlessConsumer, has alleged that the IDRBT's Domain Registration Portal, the exclusive registrar for India's .bank.in namespace, exposed over 33 unauthenticated API endpoints.
The campaign, dubbed "Poisoned Tenant" and discovered by Push Security, involves attackers creating fake OpenAI organizations using Gmail addresses but sending invitations from OpenAI's legitimate notification system.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.