Contact DMCA Privacy

Robuta

Sponsor of the Day: Jerkmate
https://www.infoq.com/news/2026/03/litellm-supply-chain-attack/ PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information -... Mar 31, 2026 - Discovered by FutureSearch researcher Callum McMahon, a supply chain attack against LiteLLM on PyPI resulted in over 40 thousand downloads of a compromised... pypi supply chainsensitive informationattackcompromiseslitellm https://attack.mitre.org/techniques/T1567/002/ Exfiltration Over Web Service: Exfiltration to Cloud Storage, Sub-technique T1567.002 - Enterprise... web servicecloud storagesub technique002 enterpriseexfiltration https://www.quickheal.com/blogs/tag/exfiltration/ exfiltration - Home exfiltration https://www.first.org/global/sigs/dns/stakeholder-advice/detection/infiltration-and-exfiltration-via-the-dns DNS Abuse Detection: Infiltration and exfiltration via the DNS dns abuse detectionexfiltration viainfiltration https://attack.mitre.org/tactics/TA0010/ Exfiltration, Tactic TA0010 - Enterprise | MITRE ATT&CK® enterprise mitre attexfiltrationtactic https://simonwillison.net/2024/Aug/20/data-exfiltration-from-slack-ai/ Data Exfiltration from Slack AI via indirect prompt injection Today's prompt injection data exfiltration vulnerability affects Slack. Slack AI implements a RAG-style chat search interface against public and private data... via indirect promptdata exfiltrationslack aiinjection https://vercara.digicert.com/resources/dns-infiltration-and-exfiltration DNS Infiltration and Exfiltration Dec 15, 2025 - Learn about DNS infiltration and exfiltration, sophisticated techniques using DNS tunneling for covert data transfer. Discover strategies to protect your... dnsinfiltrationexfiltration https://simonwillison.net/tags/exfiltration-attacks/ Simon Willison on exfiltration-attacks 43 posts tagged ‘exfiltration-attacks’. Exfiltration attacks are prompt injection attacks against chatbots that have access to private information, where that... simon willisonexfiltrationattacks https://petsymposium.org/popets/2018/popets-2018-0030.php PoPETs Proceedings — Panoptispy: Characterizing Audio and Video Exfiltration from Android... popetsproceedingscharacterizingaudiovideo https://attack.mitre.org/techniques/T1048/ Exfiltration Over Alternative Protocol, Technique T1048 - Enterprise | MITRE ATT&CK® enterprise mitre attexfiltrationalternativeprotocoltechnique https://www.proofpoint.com/uk/products/data-security-governance Defend against data exfiltration, data exposures and insider threats | Proofpoint UK Modernize your DLP program with human-centric data protection solutions from Proofpoint. Discover our human-centric, omni-channel approach. data exfiltrationinsider threatsproofpoint ukdefendexposures https://threats.wiz.io/all-incidents/weaver-ant-data-exfiltration-campaign Weaver Ant data exfiltration campaign Sygnia uncovered a prolonged cyber-espionage campaign targeting a major Asian telecom provider, orchestrated by a China-nexus APT group dubbed Weaver Ant. The... data exfiltrationweaverantcampaign https://webtransparency.cs.princeton.edu/no_boundaries/ No boundaries: data exfiltration by third parties embedded on web pages boundaries datathird partiesweb pagesexfiltrationembedded https://www.nightfall.ai/solutions/prevent-data-exfiltration-anywhere Stop Data Exfiltration Anywhere | Nightfall AI Stop data exfiltration through any threat vector – from SaaS apps, shadow AI usage, browsers and endpoints – with complete lineage tracking. stop datanightfall aiexfiltrationanywhere https://www.promptarmor.com/resources/data-exfiltration-from-writer-com-via-indirect-prompt-injection Data Exfiltration from Writer.com via Indirect Prompt Injection This vulnerability allows attackers to steal a user’s private documents by manipulating the language model used for content generation. via indirect promptdata exfiltrationwriterinjection https://embracethered.com/blog/posts/2025/claude-abusing-network-access-and-anthropic-api-for-data-exfiltration/ Claude Pirate: Abusing Anthropic's File API For Data Exfiltration · Embrace The Red Recently, Anthropic added the capability for Claude’s Code Interpreter to perform network requests. This is obviously very dangerous as we will see in … file apidata exfiltrationclaudepirateabusing https://research.jfrog.com/post/hugging-face-exfil/ js-logger-pack Operator Turns Hugging Face into a Malware CDN and Exfiltration Backend - JFrog... New versions of the malicious npm package `js-logger-pack`, including `1.1.27`, have shifted exfiltration to Hugging Face. Earlier versions already used the... hugging facejsloggerpackoperator https://www.proofpoint.com/us/threat-reference/data-exfiltration What Is Data Exfiltration? Meaning & Prevention | Proofpoint US Data exfiltration is the unauthorized data movement from a server or individual’s computer. Learn about the exfiltration of data and why it matters. prevention proofpoint usdata exfiltrationmeaning https://securityonline.info/tag/data-exfiltration/page/2/ data exfiltration Archives • Page 2 of 3 • Daily CyberSecurity data exfiltration archives3 daily2cybersecurity https://www.csoonline.com/article/4117792/one-click-is-all-it-takes-how-reprompt-turned-microsoft-copilot-into-data-exfiltration-tools.html One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into data exfiltration tools |... Jan 16, 2026 - A new Copilot exploit reveals how LLMs can be quietly turned into always-on data exfiltration tools. turned microsoftdata exfiltrationonetakescopilot https://lantern.splunk.com/Security_Use_Cases/Anomaly_Detection/Detecting_data_exfiltration_activities Detecting data exfiltration activities - Splunk Lantern Mar 5, 2026 - Detect data exfiltration activities with searches to help you identify data identification, collection, and staging tactics used by attackers. data exfiltrationsplunk lanterndetectingactivities https://blog.citp.princeton.edu/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/ No boundaries: Exfiltration of personal data by session-replay scripts - CITP Blog This is the first post in our “No Boundaries” series, in which we reveal how third-party scripts on websites have been extracting personal information in... personal datasession replaycitp blogboundariesexfiltration https://digital.ai/threat-data-exfiltration/ Data Exfiltration Digital.ai Jun 30, 2025 - Data exfiltration refers to the unauthorized transfer of sensitive information from a system or network. In the context of client-facing applications, this data exfiltrationdigital ai https://www.promptarmor.com/resources/notion-ai-unpatched-data-exfiltration Notion AI: Data Exfiltration Notion AI was susceptible to data exfiltration via indirect prompt injection due to a vulnerability in which AI document edits are saved before user approval. notion aidata exfiltration https://www.microsoft.com/en-us/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/ DEV-0537 criminal actor targeting organizations for data exfiltration and destruction | Microsoft... Jun 20, 2025 - The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a... data exfiltrationdev0537criminalactor https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti_7zip/ Conti NTDS Exfiltration Command | Detection.FYI Detects a command used by conti to exfiltrate NTDS detection fyicontintdsexfiltrationcommand https://detection.fyi/tags/attack.exfiltration/ attack.exfiltration | Detection.FYI detection fyiattackexfiltration https://l0.cm/svg_font/poc.php Data Exfiltration via CSS + SVG Font - PoC (Safari only) data exfiltrationvia csssvgfontpoc https://app-attack-matrix.com/techniques/Impact/Data%20Exfiltration/Data%20Exfiltration/ Data Exfiltration - Application Security Tactics & Techniques Matrix application security tacticsdata exfiltrationtechniques matrix https://www.f5.com.cn/glossary/data-exfiltration Data Exfiltration | F5 data exfiltrationf5 https://www.csoonline.com/article/4155004/zero%e2%80%91click-grafana-ai-attack-can-enable-enterprise-data-exfiltration.html Zero‑click Grafana AI attack can enable enterprise data exfiltration | CSO Online Apr 8, 2026 - By combining indirect prompt injection with client-side bypasses, attackers can force Grafana to leak sensitive data through routine image requests. ai attackenable enterprisedata exfiltrationcso onlinegrafana https://attack.mitre.org/techniques/T1041/ Exfiltration Over C2 Channel, Technique T1041 - Enterprise | MITRE ATT&CK® enterprise mitre attexfiltrationc2channeltechnique https://unit42.paloaltonetworks.com/tag/data-exfiltration/ data exfiltration Archives - Unit 42 data exfiltration archivesunit 42 https://www.codeintegrity.ai/blog/notion The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration |... Sep 19, 2025 - A critical security vulnerability in Notion 3.0's AI Agents demonstrates how the combination of LLM agents, tool access, and long-term memory creates... 3 0 aiweb search toolhidden riskdata exfiltrationnotion https://www.elastic.co/docs/reference/integrations/ded Data Exfiltration Detection | Elastic integrations The Data Exfiltration Detection (DED) package contains assets for detecting data exfiltration in network and file data. Data Exfiltration Detection package... data exfiltrationelastic integrationsdetection https://www.blackfog.com/ BlackFog AI Security for Data Exfiltration, Shadow AI and Ransomware Prevention Apr 26, 2026 - BlackFog provides AI Security for Data Exfiltration, Shadow AI and Ransomware Prevention using Anti Data Exfiltration ai securitydata exfiltrationransomware preventionblackfogshadow https://www.cyberhaven.com/product/how-data-lineage-works Trace Data from Origin to Exfiltration with Lineage | Cyberhaven Trace every piece of data from origin to destination. Our data lineage records every move, copy, edit, and share to protect data even after encryption. trace dataoriginexfiltrationlineagecyberhaven https://www.networkworld.com/article/4141183/ai-transforms-dangling-dns-into-automated-data-exfiltration-pipeline.html AI transforms 'dangling DNS' into automated data exfiltration pipeline | Network World Mar 6, 2026 - Generative AI is raising the risk of dangling DNS attack vectors, as the orphaned resources are no longer just a phishing nuisance. ai transformsdangling dnsautomated datapipeline networkexfiltration https://gurucul.com/blog/breaking-the-blind-spot-detecting-data-exfiltration-via-disposable-emails-in-bec-attacks/ Detecting Disposable Email Exfiltration in BEC Attacks Apr 6, 2026 - Detect disposable email exfiltration in BEC attacks and learn how attackers bypass controls using temporary domains for stealth data theft. disposable emailbec attacksdetectingexfiltration https://blog.pypi.org/posts/2025-09-16-github-actions-token-exfiltration/ Token Exfiltration Campaign via GitHub Actions Workflows - The Python Package Index Blog Incident report of a recent attack campaign targeting GitHub Actions workflows to exfiltrate PyPI tokens, our response, and steps to protect your projects. via github actionspython package indextokenexfiltrationcampaign https://www.f5.com/glossary/data-exfiltration Data Exfiltration | F5 data exfiltrationf5 https://www.proofpoint.com/au/products/data-security-governance Defend against data exfiltration, data exposures and insider threats | Proofpoint AU Modernize your DLP program with human-centric data protection solutions from Proofpoint. Discover our human-centric, omni-channel approach. data exfiltrationinsider threatsproofpoint audefendexposures https://www.computerworld.com/article/4117750/one-click-is-all-it-takes-how-reprompt-turned-microsoft-copilot-into-a-data-exfiltration-tool.html One click is all it takes: How ‘Reprompt’ turned Microsoft Copilot into a data exfiltration tool –... Jan 22, 2026 - A new Copilot exploit reveals how LLMs can be quietly turned into always-on data exfiltration tools. turned microsoftdata exfiltrationonetakescopilot https://www.cyberhaven.com/ Stop Data Exfiltration with the AI & Data Security Platform (DSPM, DLP & Insider Risk) | Cyberhaven Bring together DSPM, DLP, and insider risk management to prevent data exfiltration across SaaS, endpoints, cloud, and AI tools using Cyberhaven’s AI and data... ai security platformstop datadspm dlpinsider riskexfiltration https://attack.mitre.org/techniques/T1052/001/ Exfiltration Over Physical Medium: Exfiltration over USB, Sub-technique T1052.001 - Enterprise |... sub technique001 enterpriseexfiltrationphysicalmedium https://blog.citp.princeton.edu/2020/07/14/can-the-exfiltration-of-personal-data-by-web-trackers-be-stopped/ Can the exfiltration of personal data by web trackers be stopped? - CITP Blog by Günes Acar, Steven Englehardt, and Arvind Narayanan. In a series of posts on this blog in 2017/18, we revealed how web trackers exfiltrate personal... personal dataweb trackerscitp blogexfiltrationstopped https://www.mitiga.io/blog/ai-agent-supply-chain-risk-silent-codebase-exfiltration-via-skills AI Agent Supply Chain Risk: Silent Codebase Exfiltration via Skills Mitiga Labs shows how a malicious AI agent skill can silently exfiltrate an entire codebase, exposing a new supply chain risk in agentic AI environments. supply chain riskexfiltration viaagentsilentcodebase https://www.spamhaus.com/resource-center/context-for-anti-data-exfiltration-pioneer-blackfog-with-spamhaus-intelligence-api/ Case Study | Context for anti data exfiltration pioneer, BlackFog, with Spamhaus Intelligence API |... BlackFog is pioneering technology to prevent data exfiltration and ransomware. Using Spamhaus’ Intelligence API, BlackFog validates its rich data, providing... spamhaus intelligence apicase studydata exfiltrationcontextanti https://www.promptarmor.com/resources/data-exfiltration-from-slack-ai-via-indirect-prompt-injection Data Exfiltration from Slack AI via Indirect Prompt Injection This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. via indirect promptdata exfiltrationslack aiinjection https://unit42.paloaltonetworks.com/ja/tag/data-exfiltration-ja/ data exfiltration Archives - Unit 42 data exfiltration archivesunit 42 https://securityonline.info/tag/data-exfiltration/ data exfiltration Archives • Daily CyberSecurity data exfiltration archivesdaily cybersecurity https://www.halcyon.ai/platform/data-exfiltration-protection Data Exfiltration Protection Halcyon DXP detects and stops ransomware data theft early, alerting on suspicious outbound flows and blocking double-extortion attempts data exfiltrationprotection https://securityonline.info/the-dark-side-of-telegram-how-cybercriminals-weaponize-bot-apis-for-stealthy-data-exfiltration/ The Dark Side of Telegram: How Cybercriminals Weaponize Bot APIs for Stealthy Data Exfiltration A new Cofense report reveals how hackers abuse legitimate Telegram Bot APIs to create stealthy Command and Control (C2) centers for data exfiltration. dark sidedata exfiltrationtelegramcybercriminalsweaponize