Cybersecurity Headlines Multi-stage SharePoint attack, SmarterMail bypass flaw, AI worries Davos
16 snips
Jan 23, 2026 A multi-stage phishing campaign exploiting SharePoint has emerged, prompting serious cybersecurity concerns. Attackers are leveraging a patched SmarterMail vulnerability for unauthorized access. Meanwhile, discussions at Davos highlight fears surrounding AI agents potentially becoming insider threats, stressing the need for monitoring strategies. The recent takedown of a mobile fake tower scam in Greece showcases ongoing fraud battles. Additionally, a new ransomware threat, Osiris, targets defenses through vulnerable drivers, further complicating the security landscape.
AI Snips
Chapters
Transcript
Episode notes
SharePoint AiTM Campaign Requires More Than Password Resets
- Microsoft Defender found a multi-stage AiTM phishing and BEC campaign abusing SharePoint to persist and evade detection.
- Password resets alone are insufficient; session cookie revocation and removal of attacker inbox rules are required.
Patch Fast And Hunt After Public Fixes
- After the SmarterMail flaw disclosure, organizations must apply vendor patches immediately and assume rapid exploit attempts will follow.
- Treat publicly patched vulnerabilities as likely reversed‑engineered and hunt for signs of compromise proactively.
Spanish Spyware Probe Stalled By Noncooperation
- A Spanish probe into alleged Pegasus spying on top officials closed citing lack of cooperation from Israel.
- The judge said Israel failed to respond to five cooperation requests, undermining international legal balance.