Cyber Security Headlines Microsoft blocks AI code, Breach hits WestJet, Harrods suffers new data incident
16 snips
Sep 30, 2025 Microsoft successfully blocked AI-generated code used in a phishing scheme, a sign of escalating cyber threats. WestJet informed US customers about a breach, revealing unauthorized access to reservation documents. Ukrainian police were targeted in innovative fileless phishing attacks. Harrods faced data exposure affecting 430,000 customer records due to a third-party supplier compromise. Additionally, researchers warned about Tile trackers leaking location data, raising concerns about privacy and security.
AI Snips
Chapters
Transcript
Episode notes
AI Code Can Hide In Innocent File Types
- AI-generated code in SVGs can be weaponized and hide in benign file types like PDFs.
- Microsoft found AI traits such as verbose comments, over-engineering, and formulaic obfuscation that flagged the threat.
Enable Layered Email Protections Now
- Use defenses like SafeLinks, zero-hour auto purge, and Cloud-Delivered Antivirus to catch similar attacks.
- Implement phishing authentication and monitor anomalies in email structure, file format, and network behavior.
WestJet Notifies U.S. Customers
- WestJet disclosed a June 13 incident where a criminal gained unauthorized access to its systems.
- The airline said names, contact details, and reservation documents were taken but payment cards and passwords were not compromised.