Cyber Security Headlines

Atlas browser hijacked, Bye, bye Twitter birdie, Dante spyware surfaces

Oct 28, 2025
Researchers uncovered a serious security risk in the Atlas browser that allows malicious prompts disguised as URLs to compromise data. AI is spotlighted for its potential in diagnosing software vulnerabilities, while X (formerly Twitter) mandates re-registration of security keys as it phases out the old domain. Kaspersky links Italian Dante spyware to trolls targeting Eastern Europe. Major attacks are exploiting vulnerabilities in popular WordPress plugins, and a data breach exposes student information from an Iranian academy.
INSIGHT

Omnibox Trust Boundary Failure

  • OpenAI's Atlas Omnibox treats crafted URLs as trusted user intent, letting attackers run prompts disguised as links.
  • This failure to separate trusted input from untrusted content enables redirects, credential theft, and file deletion in connected apps.
ADVICE

Push Vendors For Secure-By-Design

  • Demand better software from vendors and prioritize secure-by-design principles to cut risk at the source.
  • Use AI to find and remediate technical debt rather than only reacting to attacks.
INSIGHT

AI Can Expose Longstanding Flaws

  • Jen Easterly warns AI could make breaches rare by finding software flaws faster than humans can today.
  • She argues fixing sloppy legacy issues like SQL injection and XSS is the real route to reducing risk.