AI Security Weekly End of Week Wrap
August 29, 2025
Week Summary
CRITICAL: Microsoft patched 107 CVEs (incl. NTLM EoP); SharePoint zero-day linked to Canada’s House of Commons breach.
BREAKTHROUGH: Widespread Salesforce data theft via Drift OAuth tokens; 700+ orgs potentially affected.
LESSON: Agentic AI now runs end-to-end attacks; jailbreaks convert into phishing across email/SMS/voice.
🔴 WEEK’S TOP THREATS
Canada Parliament Cyberattack
Threat actors used a recent Microsoft SharePoint vulnerability (reported as CVE-2025-53770) to access an internal database at Canada’s House of Commons (names, roles, locations, device details). Attribution unconfirmed. | Next Steps (≤48h): audit and patch on-prem SharePoint; apply MSRC mitigations.
Primary → go.asw.news/n1
More (MSRC) → go.asw.news/n1a
More (Cyber Centre) → go.asw.news/n1b
Salesforce OAuth Breach Wave
UNC6395 mass-exfiltrated Salesforce data using compromised Drift OAuth tokens (Aug 8–18). Google advises revoking Drift-connected tokens and rotating secrets; more than 700 organizations are potentially impacted. A small number of Google Workspace accounts were accessed via Drift Email tokens. | Weekend Action: revoke 3rd-party OAuth tokens, rotate keys, review Event Monitoring & Connected App logs.
Primary (Google TI) → go.asw.news/n2
Context → go.asw.news/n2b
🟡 WEEK’S DEVELOPMENTS
AI Progress
Anthropic detailed misuse of Claude for extortion, code generation, and social engineering; new research shows that jailbreaks reliably enable multi-channel phishing. | Security Impact: adaptive AI agents bypass static controls.
Anthropic report → go.asw.news/n3
Jailbreaking→Phishing (arXiv) → go.asw.news/n3b
Policy/Business News
NIST released the SP 800-53 “Control Overlays for Securing AI Systems” concept paper (incl. multi-agent use cases) and opened public collaboration. | Long-term: standardized AI security controls.
Announcement → go.asw.news/n4
Concept paper (PDF) → go.asw.news/n4b
Tech/MSP Update
Microsoft 365/Entra: app-consent enforcement continues; Azure AD Graph retired (migrate to Microsoft Graph). Pricing guides indicate that many MSP bundles are trending at $150–$250/user/mo. | Opportunity: sell consolidated security + app governance in Q4 renewals.
Graph migration → go.asw.news/n5
Retirement update → go.asw.news/n5b
MSP pricing guide → go.asw.news/n5c
Pricing strategies → go.asw.news/n5d
WEEKEND READING
Deep Dive: Trend Micro State of AI Security (1H 2025) → go.asw.news/n6
Listen: Cybersecurity Headlines – Week in Review (Aug 25–29) → go.asw.news/n7
Watch: MSP Pricing Strategies for 2025 → go.asw.news/n8
NEXT WEEK PREVIEW
• Monday (Sep 1): OAuth/Drift follow-up—confirm token revocations, rotate any discovered secrets, re-enable only least-privileged scopes.
• Wednesday (Sep 3): Contribute to NIST AI overlays comment process; map to internal controls.
• Friday (Sep 5): Prep Patch Tuesday (Sep 9): stage NTLM/SharePoint updates; pilot app-consent policy checks.