{"vulnerability": "CVE-2025-32711", "sightings": [{"uuid": "50ab36dd-e68e-40cd-9ee9-6d108e92eb0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lrejccktt526", "content": "", "creation_timestamp": "2025-06-11T23:03:03.361558Z"}, {"uuid": "24974dac-8272-4e87-8646-1994e42200b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3ltyvxur2qq26", "content": "", "creation_timestamp": "2025-07-15T12:33:28.483863Z"}, {"uuid": "770ef171-dd28-4d30-abdb-b01ae227a822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjkhkdza22g", "content": "", "creation_timestamp": "2025-06-13T23:07:09.902046Z"}, {"uuid": "6e5ab18e-2303-4d0d-87c8-931480782a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/ai-ru.at.thenote.app/post/3lrqg57zi4k2h", "content": "", "creation_timestamp": "2025-06-16T16:38:26.675870Z"}, {"uuid": "3f9564a8-e21d-4b78-a693-bd9bfdb7227a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lrjuxthzjfp2", "content": "", "creation_timestamp": "2025-06-14T02:15:20.495537Z"}, {"uuid": "4a9b9136-6c3d-4a4c-a1eb-d60ea3ab4458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrjv4h54s72s", "content": "", "creation_timestamp": "2025-06-14T02:17:48.800369Z"}, {"uuid": "d6e70355-4010-425f-a595-3ef1a60ddd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lryy2wn5el2q", "content": "", "creation_timestamp": "2025-06-20T02:20:35.042772Z"}, {"uuid": "33a169ea-4988-4f74-8867-7749f88c62eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrfs5ha66e32", "content": "", "creation_timestamp": "2025-06-12T11:15:26.241643Z"}, {"uuid": "c89684f1-29d0-4cf0-a264-0cabd3adc5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/114670225470808444", "content": "", "creation_timestamp": "2025-06-12T11:46:22.574512Z"}, {"uuid": "de889bd3-1f7d-41f7-b1d2-72f44885ce66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3lrfubbglab24", "content": "", "creation_timestamp": "2025-06-12T11:51:58.414479Z"}, {"uuid": "6e6532aa-86bb-42e9-b7e8-613c4c2701a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114670256650492308", "content": "", "creation_timestamp": "2025-06-12T11:54:18.381870Z"}, {"uuid": "4c3215b2-aba9-438b-a6b1-3126c361f904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lrfufpjagk22", "content": "", "creation_timestamp": "2025-06-12T11:54:28.382102Z"}, {"uuid": "37e7a4a2-9741-4b5d-add2-d3379be24d55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/chrjcar.bsky.social/post/3lrg4gdwbcs2z", "content": "", "creation_timestamp": "2025-06-12T14:18:02.544519Z"}, {"uuid": "2da02fc4-1019-4490-9170-38eb72350e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrmg2vvryg2a", "content": "", "creation_timestamp": "2025-06-15T02:26:30.497718Z"}, {"uuid": "39a09b38-a35e-421c-9c3e-389d4e4f48ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://threatintel.cc/2025/06/12/echoleak-ai-attack-enabled-theft.html", "content": "", "creation_timestamp": "2025-06-12T09:46:28.000000Z"}, {"uuid": "168a092c-e3ae-457b-ba1d-0c59bd7dbd47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html", "content": "", "creation_timestamp": "2025-06-12T09:11:00.000000Z"}, {"uuid": "08ea6340-0eb3-48c0-85d1-a30e4dabb1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrlu3tgcik27", "content": "", "creation_timestamp": "2025-06-14T21:05:04.616468Z"}, {"uuid": "2a4cb03e-fe23-4fae-b681-130fd4b28748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrlu3v5yps27", "content": "", "creation_timestamp": "2025-06-14T21:05:05.143229Z"}, {"uuid": "8a485f79-d086-4812-bef2-fb3a759d426b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrlu3xcpws27", "content": "", "creation_timestamp": "2025-06-14T21:05:05.667476Z"}, {"uuid": "e111489b-294f-4ca7-a057-513527e931a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrlu3zhg6k27", "content": "", "creation_timestamp": "2025-06-14T21:05:06.187060Z"}, {"uuid": "e4a018ae-d560-4db3-8892-f53a4e0b1c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/ai-news.at.thenote.app/post/3lricsvriqk2h", "content": "", "creation_timestamp": "2025-06-13T11:17:41.216514Z"}, {"uuid": "58b6be73-d49c-4c1f-92cd-576eae4f5350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lrgzctfwhae2", "content": "", "creation_timestamp": "2025-06-12T22:56:14.521908Z"}, {"uuid": "d64f676e-6985-43da-b95c-9794f8c0a19d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrwhn24vjw2a", "content": "", "creation_timestamp": "2025-06-19T02:21:09.709728Z"}, {"uuid": "95182e00-a8cf-4c86-a81d-b43bfc562e6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ltlwjfp75s24", "content": "", "creation_timestamp": "2025-07-10T08:38:39.601926Z"}, {"uuid": "4cd36515-10c4-49c2-832d-bbb1eed1a553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lrhsn75oxs2w", "content": "", "creation_timestamp": "2025-06-13T06:28:10.548957Z"}, {"uuid": "c6fc8058-53b3-42ac-a61d-dafb716f4736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lrihaeb7kc2s", "content": "", "creation_timestamp": "2025-06-13T12:36:47.898843Z"}, {"uuid": "40aaa069-ecd4-4f02-a23b-9b3c06fa98bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114665075954450808", "content": "", "creation_timestamp": "2025-06-11T13:56:47.374584Z"}, {"uuid": "7c909cdb-817a-4638-9956-ffee9d144aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/cdarwin.c.im.ap.brid.gy/post/3lxo7vt6k4tz2", "content": "", "creation_timestamp": "2025-08-31T04:14:14.077236Z"}, {"uuid": "be7ffccc-e14d-40fd-99a1-b6adc22bdd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/sushicomabacate.com/post/3lriu4is5fs27", "content": "", "creation_timestamp": "2025-06-13T16:27:17.729696Z"}, {"uuid": "cba5e009-1d51-455a-bab5-93b38401e53c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3lsjidxcxez2g", "content": "", "creation_timestamp": "2025-06-26T15:54:33.413228Z"}, {"uuid": "d36ac1da-71bc-4ba4-a3df-b542574d98f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/Darkcrai86/e415d0a95cb8194ceb3e8cf19d27e8be", "content": "", "creation_timestamp": "2025-09-11T07:20:14.000000Z"}, {"uuid": "d1624c3c-cf3c-4162-b631-437dcc651eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lrdjjo7aqd2w", "content": "", "creation_timestamp": "2025-06-11T13:34:29.786854Z"}, {"uuid": "1c8aa79f-24e7-459f-9f67-d682997fe97c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdq7dfksc2m", "content": "", "creation_timestamp": "2025-06-11T15:33:57.957881Z"}, {"uuid": "48a184aa-ce28-4d2c-8e54-111eb5789d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrtx5exigc2k", "content": "", "creation_timestamp": "2025-06-18T02:20:44.887930Z"}, {"uuid": "5e649b10-5659-42ad-8a7e-6f869b4aa802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/alwayspushtheroll.com/post/3lw7wksfda22j", "content": "", "creation_timestamp": "2025-08-12T18:23:06.392728Z"}, {"uuid": "cfea97da-3e26-4d99-b239-4e626ba4e60e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://cyber.gc.ca/en/guidance/top-10-artificial-intelligence-security-actions-primer-itsap10049", "content": "", "creation_timestamp": "2026-03-05T16:56:13.000000Z"}, {"uuid": "84d33b2f-e661-403f-be44-8fe882066927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lxqkdnktpk2c", "content": "", "creation_timestamp": "2025-09-01T02:24:47.151520Z"}, {"uuid": "8894d22b-84be-4fb4-9f29-81e391d784da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/AnthonyAlcaraz/2368ec0d66d51986f52463d1ba135934", "content": "", "creation_timestamp": "2026-03-09T08:58:25.000000Z"}, {"uuid": "cef283a6-49a8-4b97-a291-dbc79760eebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3mhjo5666j2s2", "content": "", "creation_timestamp": "2026-03-20T23:27:39.625231Z"}, {"uuid": "0f582dca-2bce-4875-983b-4a56fb15d346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "Telegram/d4nUwsOBOdQROW01SEnvl_Ro6E92wcWw7AWRntwHKYeAQB4", "content": "", "creation_timestamp": "2025-06-11T20:16:15.000000Z"}, {"uuid": "11f99dc9-8590-42e1-982f-adec54e7a63f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/joetustin-cyera/c7d3ab11a87c1c714cd1a843a1a3b91c", "content": "", "creation_timestamp": "2026-03-30T22:31:06.000000Z"}, {"uuid": "2926e07c-cbcb-4046-a40f-2d1ad8fcdad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://t.me/poxek/6035", "content": "\u0412\u0430\u0448 LLM-\u0430\u0433\u0435\u043d\u0442\u044b \u0432 \u0437\u043e\u043d\u0435 \u0440\u0438\u0441\u043a\u0438: 3 \u043a\u0435\u0439\u0441\u0430 \u0438 \u0447\u0435\u043a-\u043b\u0438\u0441\u0442\n#ai #security #llm #\u0430\u0433\u0435\u043d\u0442\u044b #agent \n\n\u267e\ufe0f\u041a\u0435\u0439\u0441\u044b\u267e\ufe0f\n\n\u27a1\ufe0f McKinsey: \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0439 \u0430\u0433\u0435\u043d\u0442-\u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0435\u0440 \u043d\u0430\u0448\u0451\u043b \u0432 \u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0443\u044e SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e. \u0427\u0435\u0440\u0435\u0437 \u043d\u0435\u0451 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u043c\u0442 \u0430\u0433\u0435\u043d\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0443\u0442\u0438\u0442\u0441\u044f \u043f\u043e\u0432\u0435\u0440\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u041e\u0442\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 + classic injection = \u043f\u043e\u043b\u043d\u044b\u0439 compromise. \u041d\u0430\u0448\u0451\u043b \u043d\u0435 \u0447\u0435\u043b\u043e\u0432\u0435\u043a - \u043d\u0430\u0448\u0451\u043b \u0434\u0440\u0443\u0433\u043e\u0439 \u0430\u0433\u0435\u043d\u0442.\n\u27a1\ufe0f EchoLeak (CVE-2025-32711): zero-click \u0432 Microsoft 365 Copilot. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u0440\u0438\u0441\u044b\u043b\u0430\u0435\u0442 \u043f\u0438\u0441\u044c\u043c\u043e \u0441 prompt injection, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u0441\u0438\u0442 Copilot \u0441\u0434\u0435\u043b\u0430\u0442\u044c summary - \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u0435\u043a\u0430\u044e\u0442 \u0431\u0435\u0437 \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u043a\u0430. XPIA-\u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0448\u043b\u0438 \u043c\u0438\u043c\u043e, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e prompt \u0431\u044b\u043b \u043d\u0430\u043f\u0438\u0441\u0430\u043d \"\u0434\u043b\u044f \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430\".\n\u27a1\ufe0f s1ngularity (NX, \u0430\u0432\u0433\u0443\u0441\u0442 2025): supply chain \u043d\u0430 npm-\u043f\u0430\u043a\u0435\u0442 NX. \u0412\u043c\u0435\u0441\u0442\u043e \u0442\u043e\u0433\u043e \u0447\u0442\u043e\u0431\u044b \u0433\u0440\u0435\u043f\u0430\u0442\u044c \u0434\u0438\u0441\u043a, \u0437\u043b\u043e\u0432\u0440\u0435\u0434 \u043d\u0430\u0442\u0440\u0430\u0432\u043b\u0438\u0432\u0430\u043b Claude Code, Gemini CLI \u0438 Amazon Q \u0438\u0441\u043a\u0430\u0442\u044c \u0441\u0435\u043a\u0440\u0435\u0442\u044b. \u041f\u0435\u0440\u0432\u0430\u044f AI-weaponized supply chain \u0430\u0442\u0430\u043a\u0430: ~2300 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0438\u0437 1300+ \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432.\n\n\u267e\ufe0f\u0413\u043b\u0430\u0432\u043d\u044b\u0439 \u0442\u0435\u0439\u043a\u267e\ufe0f\n\n\u041f\u0440\u043e\u043c\u0442 \u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 LLM \u043d\u0435\u0440\u0430\u0437\u0434\u0435\u043b\u0438\u043c\u044b. SQL \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e, \u0430 LM \u043e\u0441\u0442\u0430\u043d\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0432\u0441\u0435\u0433\u0434\u0430: \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043a\u0438 \u043b\u043e\u0432\u044f\u0442 ~50%, \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b ~25%, LLM-guard \u0435\u0449\u0451 ~15%. \u041e\u0441\u0442\u0430\u0432\u0448\u0438\u0439\u0441\u044f 1% \u0441 \u043d\u0430\u043c\u0438 \u043d\u0430\u0432\u0441\u0435\u0433\u0434\u0430.\n\n\u267e\ufe0f\u0427\u0435\u043a-\u043b\u0438\u0441\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u267e\ufe0f\n\n\u25aa\ufe0fAllowlist \u0442\u0443\u043b\u043e\u0432 + tool gating\n\u25aa\ufe0f\u0420\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u043c\u0442\u0430, \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430\u0445\n\u25aa\ufe0f\u0418\u043d\u0432\u0435\u043d\u0442\u0430\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0430\u0433\u0435\u043d\u0442\u043e\u0432 \u0438 \u0438\u0445 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u043a\u043e\u043d\u043d\u0435\u043a\u0442\u043e\u0432\n\u25aa\ufe0fObservability - \u043b\u043e\u0433\u0438\u0440\u0443\u0439 \u043f\u0440\u043e\u043c\u0442\u044b \u0438 tool calls\n\u25aa\ufe0f\u041d\u0438\u043a\u0430\u043a\u043e\u0433\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0431\u0435\u0437 \u043f\u0440\u043e\u0441\u043b\u043e\u0439\u043a\u0438\n\u25aa\ufe0f\u041d\u0435 \u0434\u043e\u0432\u0435\u0440\u044f\u0439 README, .env \u0438 RAG-\u0447\u0430\u043d\u043a\u0430\u043c\n\u25aa\ufe0fRed-teaming \u043f\u0440\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0441\u043c\u0435\u043d\u0435 \u043c\u043e\u0434\u0435\u043b\u0438\n\u25aa\ufe0f\u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 supply chain: MCP, \u0441\u043a\u0438\u043b\u043b\u044b, \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b\n\n\u0410\u0433\u0435\u043d\u0442\u044b \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0442 \u0432\u0441\u0451 \u043f\u043e \u0447\u0443\u0442\u044c-\u0447\u0443\u0442\u044c: \u0441\u043d\u0430\u0447\u0430\u043b\u0430 read, \u043f\u043e\u0442\u043e\u043c create, \u043f\u043e\u0442\u043e\u043c delete. \u0418 \u0432\u043e\u0442 \u0442\u044b \u0443\u0436\u0435 \u0434\u043e\u0432\u0435\u0440\u0438\u043b rm -rf \u0441\u0432\u0435\u0436\u0435\u0439 \u043c\u043e\u0434\u0435\u043b\u0438 \u043d\u0430 \u043d\u043e\u0443\u0442\u0435 \u0441 \u043f\u0440\u043e\u0434\u0430\u043a\u0448\u043d-\u043a\u043b\u044e\u0447\u0430\u043c\u0438.\n\n\u267e\ufe0f\u0413\u0434\u0435 \u044d\u0442\u043e \u043e\u0431\u0441\u0443\u0434\u0438\u0442\u044c \u0432\u0436\u0438\u0432\u0443\u044e\u267e\ufe0f\n\n22 \u0430\u043f\u0440\u0435\u043b\u044f \u0432 \u041c\u043e\u0441\u043a\u0432\u0435 South HUB \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u043a\u043b\u0443\u0431\u043d\u0443\u044e \u0432\u0441\u0442\u0440\u0435\u0447\u0443 \"\u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0432 \u044d\u043f\u043e\u0445\u0443 AI-\u0430\u0433\u0435\u043d\u0442\u043e\u0432\". \u0424\u043e\u0440\u043c\u0430\u0442 - \u043e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u0434\u0438\u0441\u043a\u0443\u0441\u0441\u0438\u044f \u0431\u0435\u0437 \u0434\u043e\u043a\u043b\u0430\u0434\u043e\u0432 \u0438 \u0441\u043b\u0430\u0439\u0434\u043e\u0432. \u0421\u0440\u0435\u0434\u0438 \u0441\u043f\u0438\u043a\u0435\u0440\u043e\u0432 \u0410\u043d\u0434\u0440\u0435\u0439 \u041a\u0443\u0437\u043d\u0435\u0446\u043e\u0432 (Head of ML, Positive Technologies) - \u043e\u0434\u0438\u043d \u0438\u0437 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u0432 \u0442\u043e\u0433\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u0430\u0441\u0442\u0430, \u0410\u0440\u0442\u0451\u043c \u0413\u0443\u0442\u043d\u0438\u043a (CISO \u041d\u0421\u041f\u041a), \u0410\u043b\u0435\u043a\u0441\u0435\u0439 \u041b\u0435\u0434\u043d\u0435\u0432 (PT ESC) \u0438 \u0410\u043b\u0435\u043a\u0441\u0435\u0439 \u041b\u0443\u043a\u0430\u0446\u043a\u0438\u0439. \u0420\u0435\u0433\u0430 \u0422\u0423\u0422", "creation_timestamp": "2026-04-10T13:40:17.000000Z"}, {"uuid": "dc0c9f3f-dc69-4180-8b1d-fce4ebbf6b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "published-proof-of-concept", "source": "Telegram/ph88y4G5oeScgD258CchMKrpr3BuS4k3KcSxkFOuLvPbbMI", "content": "", "creation_timestamp": "2025-06-11T20:16:04.000000Z"}, {"uuid": "76f11018-f145-4a75-9419-05dd8412c2a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/solzard/f1c5ad92142f2d8077e3e316e5dad350", "content": "", "creation_timestamp": "2026-04-16T01:52:33.000000Z"}, {"uuid": "563e868e-d3a2-4e5d-9240-2e35a6c23444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "published-proof-of-concept", "source": "https://t.me/cKure/14819", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 \u26a0\ufe0f Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email\u2014no user interaction needed.\n\nDetails \u2193 https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html", "creation_timestamp": "2025-06-12T13:43:43.000000Z"}, {"uuid": "97eaf0c7-07f5-4478-8845-c4e9ed9aff87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "published-proof-of-concept", "source": "Telegram/UHDH5Dy8dLbKDvrSUjbHqZq8jdYbFApOrWWgQ31t4VSl0Kk", "content": "", "creation_timestamp": "2026-04-20T15:00:07.000000Z"}, {"uuid": "45434396-ee54-445a-b9e6-7977ac10cb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "Telegram/AaTAW-wTv-7ucBtckgiv1ePBmskZzSVVBdsY9-izGq72-Q", "content": "", "creation_timestamp": "2025-06-12T12:30:25.000000Z"}, {"uuid": "e8d4bced-fdb2-4218-97d1-3ccc2715046c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18135", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32711\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.\n\ud83d\udccf Published: 2025-06-11T13:22:38.935Z\n\ud83d\udccf Modified: 2025-06-11T19:09:11.255Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32711", "creation_timestamp": "2025-06-11T19:33:23.000000Z"}, {"uuid": "89e526ed-1eaf-41d4-8e5e-f7705e82d77d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/gacebmohammedseghir17/1e15e1b0e86b0d87ee464e70f8264c79", "content": "", "creation_timestamp": "2026-04-25T18:55:50.000000Z"}, {"uuid": "7a37cdb2-9160-4bf8-8270-d845a36fc077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/6990", "content": "\ud83d\udea8 Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email\u2014no user interaction needed.\n\nDetails \u2193 https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html\n\nAlready patched, but shows serious AI security risks ahead.", "creation_timestamp": "2025-06-12T13:15:06.000000Z"}, {"uuid": "b393eb3f-dcc9-4d6f-b3ae-921d66709667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "published-proof-of-concept", "source": "Telegram/jMzNX-l4Xiewg1jOXgl1UhvTkx33owdRFberACL7GL_LkOo", "content": "", "creation_timestamp": "2025-06-28T11:00:09.000000Z"}, {"uuid": "51699d06-ce7b-4332-97ff-9bbb46f12cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://t.me/information_security_channel/53707", "content": "\u2018EchoLeak\u2019 AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot\nhttps://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/\n\nMicrosoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.\nThe post \u2018EchoLeak\u2019 AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot (https://www.securityweek.com/echoleak-ai-attack-enabled-theft-of-sensitive-data-via-microsoft-365-copilot/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-06-12T13:30:53.000000Z"}, {"uuid": "e9d909d5-f411-43b6-8b6e-e605b3e24e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32711", "type": "seen", "source": "https://gist.github.com/hungson175/e09e3e9302e7a5e4fa30701d485c1815", "content": "", "creation_timestamp": "2026-05-04T13:05:27.000000Z"}, {"uuid": "c02ff841-1060-4307-b62b-38af10bc9aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-32711", "type": "seen", "source": "https://gist.github.com/hungson175/e602af034af17fc3f93c648f39f6431a", "content": "", "creation_timestamp": "2026-05-05T02:53:15.000000Z"}]}