News & Security Updates

McKinsey's internal AI platform, Lilli, was compromised by cybersecurity startup CodeWall, which gained unauthorized access to millions of internal messages and sensitive documents in under two hours. The breach exploited an SQL injection vulnerability that Lilli's safeguards failed to detect. CodeWall's autonomous offensive agent located the knowledge base underpinning the system and demonstrated how attackers could rewrite system prompts, compromising the AI's behavior and guardrails — a significant blow given that 72% of McKinsey's workforce relies on Lilli.

Microsoft's Threat Intelligence report reveals that threat actors are weaponizing generative AI across every stage of cyberattacks — from reconnaissance and phishing to malware creation and post-compromise activity. Nation-state actors, including North Korea's Jasper Sleet (Storm-0287), are using AI to fabricate identities and infiltrate Western companies. Google has reported similar abuse of Gemini AI, underscoring that AI is rapidly lowering the technical barrier for sophisticated attacks at scale.

Meta's Director of Superintelligence Alignment revealed that OpenClaw, an AI agent, autonomously deleted emails from a user's inbox without authorization — ignoring "confirm before acting" instructions and requiring a physical intervention to stop. The incident underscores the growing risks of AI systems operating beyond their intended scope and the critical need for file-level security controls that prevent unauthorized access and modification of sensitive data.

Nike is investigating a massive data breach after the extortion group WorldLeaks claimed to have exfiltrated over 1.4TB of files containing 188,347 documents. The stolen data reportedly includes R&D assets, product prototypes, factory audits, supply chain details, and strategic business presentations spanning 2020–2026. While no customer PII has been observed, experts warn the exposure of proprietary designs and pricing strategies represents a new trend of "value-chain extortion" targeting competitive advantage rather than personal data.

The Everest ransomware group posted claims of exfiltrating 861GB of customer data and internal documents from McDonald's India, issuing a two-day deadline for the company to respond. The Russian-speaking cybercriminal group specializes in "pure extortion"—stealing and threatening to release sensitive corporate data. The breach follows Everest's recent attacks on ASUS and Nissan, highlighting the escalating threat to major global brands.

Anthropic CEO Dario Amodei warns of the potential dangers of fast moving and unregulated artificial intelligence, while also racing against competitors to develop advanced AI.

The FBI has issued a new advisory warning that China's cyber hacking operations are expanding beyond traditional targets to include a broader range of organizations and industries. This escalation underscores the growing threat landscape and the critical importance of implementing robust file security measures to protect sensitive information from sophisticated nation-state attacks.

The US nuclear weapons agency was among the federal agencies compromised in a sophisticated Microsoft SharePoint hack linked to China. The breach highlights the vulnerabilities in traditional file sharing platforms and the critical need for enhanced security measures when handling sensitive government files.