Microsoft is preparing to roll out a powerful new security enhancement to its Teams platform, aimed at combating the growing threat of spam, phishing, and malicious calls targeting organizations. The upcoming feature, “Report a Suspicious Call,” will give users the ability to directly flag questionable calls — adding an extra layer of protection to everyday communication.
AWS Identity and Access Management (IAM) is often perceived as a strongly consistent and immediate-response system. However, like many globally distributed services, it actually operates on an eventual consistency model. While this design enables scalability across regions, it also introduces brief but dangerous windows that attackers can exploit to maintain persistence — even after defenders believe they have removed access.
Key Takeaways:
The Reserve Bank of India (RBI) has made the '.bank.in' domain mandatory for all licensed banks in India.
This exclusive domain acts as a critical security filter to prevent banking fraud, especially phishing.
Only RBI-regulated institutions can register for the '.bank.in' domain, guaranteeing website authenticity.
Customers must now verify the URL ending to ensure they are on a legitimate bank portal.
VanHelsing has emerged as a sophisticated ransomware-as-a-service (RaaS) operation that changes the rules for cross-platform attackers. First observed on March 7, 2025, VanHelsing provides a fully packaged service to criminal affiliates: a $5,000 deposit to join, an 80% cut of ransom payments for affiliates, and a user-friendly control panel to orchestrate attacks across heterogeneous environments.
A new wave of phishing attacks is exploiting the credibility of trusted cloud platforms like Cloudflare Pages and Zendesk to execute large-scale credential theft operations. Security researchers have uncovered an elaborate infrastructure of malicious domains designed to impersonate legitimate customer support portals, revealing an alarming escalation in the use of reputable cloud services for social engineering.
Anthropic’s Claude AI — with its new network-enabled Code Interpreter — can be manipulated to siphon private information from users by way of cleverly hidden, indirect prompts. A proof-of-concept disclosed by Johann Rehberger (October 2025) shows how attackers can trick the model into retrieving chat histories and uploading them to the attacker’s account, exposing a new class of risks that come with connecting large language models to external services.
Microsoft Teams Introduces New Feature to Flag Malicious Calls: A Major Boost to Communication Security Microsoft is preparing to roll ou...
