SOC Minute

SOC Minute Cybersecurity signal, minus the noise. https://socminute.example/ en Microsoft Explores Risks Targeting AI Memory and Defense Strategies https://socminute.example/articulos/microsoft-explores-risks-targeting-ai-memory-and-defense-strategies/ https://socminute.example/articulos/microsoft-explores-risks-targeting-ai-memory-and-defense-strategies/ Microsoft Security Blog discusses the implications when threat actors attempt to manipulate what AI systems remember and the emerging defenses against these attacks. Understanding these risks is crucial for securing AI-driven technologies. Mon, 22 Jun 2026 00:00:00 GMT AI Security Microsoft AI memory attack AI memory manipulation risks defense strategies for AI security Cybersecurity AI Microsoft Links Mastra AI Supply Chain Attack to North Korean Hackers https://socminute.example/articulos/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/ https://socminute.example/articulos/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/ Microsoft has attributed the recent Mastra AI supply chain attack, compromising over 140 npm packages, to the North Korean group Sapphire Sleet, aka BlueNoroff. This highlights ongoing state-sponsored supply chain risks affecting open source ecosystems. Mon, 22 Jun 2026 00:00:00 GMT Threat Actor Mastra AI supply chain attack North Korean hackers npm packages Sapphire Sleet cyberattack Cybersecurity SupplyChainAttack ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack https://socminute.example/articulos/shapedplugin-wordpress-pro-plugins-backdoored-in-supply-chain-attack/ https://socminute.example/articulos/shapedplugin-wordpress-pro-plugins-backdoored-in-supply-chain-attack/ Attackers compromised ShapedPlugin's build pipeline to inject backdoor code into Pro plugins via official update channels. This supply chain attack puts thousands of WordPress sites at risk of remote exploitation. Mon, 22 Jun 2026 00:00:00 GMT Malware ShapedPlugin supply chain attack WordPress Pro plugin backdoor WordPress plugin security breach Cybersecurity WordPress FortiBleed: what a SOC should validate in Fortinet environments https://socminute.example/articulos/fortibleed-fortinet/ https://socminute.example/articulos/fortibleed-fortinet/ Exposure of perimeter Fortinet devices puts the focus back on external asset inventory, patching speed, and hunting for anomalous access. Tue, 16 Dec 2025 00:00:00 GMT Vulnerabilities Fortinet FortiOS edge-security Splunk Enterprise: an actively exploited flaw demands a look beyond the SIEM https://socminute.example/articulos/splunk-enterprise-actively-exploited-flaw/ https://socminute.example/articulos/splunk-enterprise-actively-exploited-flaw/ When the platform at the center of detection is exposed, teams must patch quickly and verify the integrity of searches, alerts, accounts, and data. Fri, 28 Nov 2025 00:00:00 GMT Active exploitation Splunk SIEM CISA-KEV AutoJack: when an AI agent turns instructions into control https://socminute.example/articulos/autojack-ai-agent-hijack/ https://socminute.example/articulos/autojack-ai-agent-hijack/ Agent hijacking shows how untrusted content can redirect automation with tools, memory, and permissions toward actions the user never authorized. Thu, 09 Oct 2025 00:00:00 GMT AI Security AI-agents prompt-injection identity