Medha Cloud Blog
Insights, tutorials, and best practices for cloud computing, Microsoft 365, and managed IT services.
Latest Articles
Stay updated with the latest trends and best practices
Zoom’s New AI Features Raise Questions About Meeting Privacy
By Medha Cloud Security Desk When Zoom quietly updated its privacy policy to allow data from meetings to help train its artificial-intelligence models, the backlash was immediate.Executives, attorneys, and educators—people who built their workdays around virtual meetings—wanted to know: Were our conversations being used to teach an algorithm? Zoom later clarified that it would not […]
Ipconfig
Ipconfig Command: The Complete Guide Introduction Having network problems on your Windows computer? The ipconfig command can solve most connection issues in seconds. This guide shows you exactly how to use ipconfig with real examples, clear explanations, and practical solutions. You’ll learn what ipconfig does, how to run every command, and how to fix common […]
Leaked Business Data Fuels a New Wave of Phishing Against Google Workspace Users
By Medha Cloud Security Desk A fresh surge of phishing attacks is exploiting publicly leaked business information to impersonate real colleagues and suppliers inside Google Workspace.Analysts say the campaigns mark a shift in social-engineering tactics: rather than sending generic spam, attackers now weaponize authentic data drawn from recent CRM and marketing-platform breaches. (The Economic Times) […]
Researchers Warn of “Promptware” Attacks That Could Manipulate Google Workspace AI
By Medha Cloud Security Desk Artificial intelligence was meant to simplify office work. Now, researchers say it is quietly creating a new kind of cyber weapon. A recent study from academic and industry analysts describes a growing class of threats called “promptware” attacks—malicious instructions embedded in ordinary documents, spreadsheets, or calendar entries that exploit the […]
Google Rolls Out Device-Bound Tokens as Session Theft Escalates Across Workspace
By Medha Cloud Security Desk Google is quietly expanding a new security measure that binds browser sessions to the physical devices that created them, an acknowledgment that cookie-stealing attacks have become one of the most persistent threats to Google Workspace accounts.The initiative, called Device Bound Session Credentials (DBSC), is now being tested across Chrome and […]
Growing Wave of OAuth Abuse Exposes the Hidden Risks in Google Workspace
By Medha Cloud Security Desk A rising number of corporate intrusions are exploiting the trust built into cloud identity systems rather than breaking past their defenses.Security analysts tracking multiple incidents in 2025 describe a pattern: attackers are no longer stealing passwords — they are borrowing permission. Reports from independent researchers and Guardz Cyber Intelligence show […]
Compromised OAuth Tokens Exposed Google Workspace Email Accounts
By Medha Cloud Security Desk A recent data-theft campaign has shown how easily a trusted integration can become the weakest link in cloud security. Attackers exploited OAuth tokens used by third-party tools — notably the Drift Email and Salesloft integrations — to access a limited number of Google Workspace and Salesforce accounts. (Google Cloud Threat […]
Google’s “Summarize This Email” Feature Could Be Turned Against Workspace Users
By Medha Cloud Security Desk An investigation into Google Workspace’s Gemini AI has revealed that hidden text inside ordinary emails can quietly direct the assistant to act in ways the sender intended — not the reader.The weakness, uncovered by independent researchers, affects the “Summarize this email” feature available to Gmail and Workspace subscribers. By embedding […]
In Gmail, Invisible Instructions Could Turn Google’s AI Into a Security Risk
By Medha Cloud Security Desk A newly disclosed flaw in Google’s Gemini for Workspace shows how invisible text can be turned against artificial intelligence itself.Researchers found that attackers can embed hidden instructions inside ordinary Gmail messages, directing Gemini to perform actions the user never intended. The method relies on “ASCII smuggling,” a technique that hides […]
Zero-Click Flaw in Microsoft 365 Copilot Could Expose Sensitive Business Data
By Medha Cloud Security Desk Researchers have disclosed a serious vulnerability in Microsoft 365 Copilot that could allow attackers to exfiltrate sensitive corporate data without any user interaction. The exploit, known as EchoLeak and tracked as CVE-2025-32711, relies on a zero-click prompt-injection technique that manipulates the AI assistant’s language model to leak information silently. According […]
Retail Firms Hit by SharePoint Exploits and Microsoft 365 Identity Abuse Campaign
By Medha Cloud Security Desk Microsoft investigators have uncovered a series of coordinated cyberattacks targeting retail organizations, where hackers exploited SharePoint vulnerabilities and abused Microsoft Entra ID tokens to gain persistent access to corporate networks. The campaign, described in a Microsoft Threat Intelligence report, shows how threat actors are chaining cloud and on-premises weaknesses to […]
Attackers Exploit Microsoft 365 Email Feature to Send Convincing Spoofed Messages
By Medha Cloud Security Desk Security researchers have discovered that threat actors are exploiting a built-in Microsoft 365 email feature known as Direct Send, enabling them to send spoofed messages that appear to come from trusted internal addresses — without authentication.The finding, detailed by analysts at Mimecast Threat Intelligence, underscores how legitimate features can be […]
Showing 12 of 1880 articles
Subscribe to Our Newsletter
Get the latest cloud computing insights, tips, and updates delivered to your inbox.