bgp group logo
Client Portal

AI summarisers open to ‘ClickFix’ social engineering attacks

Security researchers have developed a sophisticated prompt injection attack that abuses trusted AI summarisation tools, and potentially turns these into ClickFix-style step-by-step instructions to compromise user systems. The technique, detailed in new research from Singapore security vendor CloudSEK, exploits the gap between what humans can see on a webpage and what artificial intelligence models process […]

Qantas makes architectural changes to its API management platform

Qantas has made a series of architectural changes to its API management platform, improving its reliability and resiliency, which has encouraged usage. Speaking at WSO2Con Asia 2025 in Sri Lanka at the end of last month, principal engineer in the integration and engineering domain at Qantas IT, Waleed Ahmed, said the airline has used the […]

Attackers weaponise Linux file names as malware vectors

A researcher at security vendor Trellix has uncovered a Linux malware attack that embeds malicious code directly into file names, a technique that bypasses most traditional security defences. The attack involves crafting a file name that contains bash command interpreter shell code which, if executed, sets in motion a Linux-specific malware infection chain, researcher Sagar […]

Defence’s ERP bill with IBM hits $575m

The Department of Defence has inked a fresh agreement with IBM related to its enterprise resource planning (ERP) overhaul, bringing the value of the total engagement to at least $575 million since 2019. The latest $18.7 million agreement, set to begin on September 1, covers a year’s worth of consultancy support as Defence pushes ahead […]

Microsoft plans full quantum-resistant cryptography transition by 2033

Microsoft has outlined a timeline to protect its services and customers from future quantum computing threats that could render current encryption methods obsolete. Majorana 1 Microsoft The tech giant now aims to have quantum-safe encryption ready two years ahead of the 2035 deadline set by most governments worldwide. Microsoft warns that scalable quantum computing could […]

AI browsers fall for scams and phishing, security researchers say

Agentic artificial intelligence (AI) web browsers that can act autonomously on users’ behalf appear to be extremely gullible and unsafe to use, falling for hoary old scams as well as newer attacks, security researchers suggest. Consumer oriented security vendor Guardio built three scenarios to test how AI browsers handle fake ecommerce and phishing sites, along […]

Microsoft shrinks Chinese access to cyber early warning system

Microsoft has scaled back some Chinese companies’ access to its early warning system for cyber security vulnerabilities following speculation that Beijing was involved in a hacking campaign against the company’s widely used SharePoint servers. The vendor announced that several Chinese firms would no longer receive “proof-of-concept code,” which mimics the operation of genuine malicious software. […]

University of Melbourne reprimanded for using wi-fi data to identify protesters

The University of Melbourne has been reprimanded for using wi-fi location data to identify students involved in a sit-in protest last year. An investigation by the Office of the Victorian Information Commissioner (OVIC) into the July 2024 incident found the use of wi-fi data amounted to a “serious” breach of privacy. The university had previously […]

UK agrees to drop encryption ‘backdoor’ mandate for Apple

Britain has dropped its demand for the iPhone maker Apple to provide a “backdoor” that would have enabled access to the protected encrypted data of American citizens, United States director of national intelligence Tulsi Gabbard said. Gabbard issued the statement on X, saying she had worked for months with Britain, along with President Donald Trump […]

Greater Western Water’s billing system data issues laid bare

A billing system replacement at Greater Western Water came unstuck due to go-live pressures and data migration practices, leading to at least 320 privacy breaches involving customers. The utility, which formed through the merger of City West Water and Western Water, elected to retire the billing systems of both component organisations and set up an […]