Microsoft has fixed a vulnerability in its AI-enabled Azure Health Bot that could have allowed attackers to access cross-tenant resources. The elevation of privilege vulnerability was discovered by Tenable researchers in June and patched by July. During routine investigations into data connections, the researchers were able to access an internal Microsoft subscription ID, potentially making other resources accessible.

Armored Likho APT Deploys BusySnake Stealer Against Government and Power Sector Targets
A focused phishing campaign operated by a previously unreported APT we’ve named Armored Likho (also tracked under the provisional alias Eagle Werewolf). The group is


