Tech Risk Reading Picks

1. When copilot is overly helpful: Pen Test Partners, a security consulting firm specializing in penetration testing, recently uncovered a major vulnerability in Microsoft’s Copilot AI for SharePoint. During a red team engagement, they demonstrated how AI, while beneficial for defense, can also be exploited by attackers. Despite strict SharePoint protections blocking access to an encrypted spreadsheet and an adjacent “passwords.txt” file, the team successfully bypassed these security measures by simply asking the Copilot AI agent to retrieve the file. Shockingly, the AI complied, printing out the contents including passwords, thereby granting access to the encrypted data. This incident underscores the growing risk of AI misuse in cyberattacks and the urgent need for securing AI-integrated systems. [more]

2. Heighten AI cyberattacks by 2027: The U.K.'s National Cybersecurity Center (NCSC) warned at the CyberUK conference that by 2027, the widespread adoption of AI will significantly increase the volume and impact of cyberattacks, particularly targeting British critical infrastructure. Nation-state actors and other hackers are already leveraging AI to enhance existing cyber intrusion methods, and both will likely use commercial and open-source AI tools to exploit vulnerabilities, evade detection, and bolster technical capabilities. The NCSC emphasized that without improved cybersecurity measures, AI-enabled threats could leave critical systems more vulnerable, urging a collective, integrated defense approach to counter these evolving risks. [more][more-2]

3. Microsoft combating AI misuse: Microsoft is aggressively combating the misuse of its AI tools by dismantling a global network, dubbed Storm-2139, responsible for creating harmful and sexually explicit images of celebrities and others by bypassing content safeguards. The operation began when Microsoft’s AI Incident Detection and Response team discovered stolen access credentials being used to manipulate its image-generation services. This prompted the company’s first legal action against AI misuse, targeting individuals across several countries who built and promoted tools to hack AI systems. Through its Digital Crimes Unit, Microsoft filed a civil complaint, seized infrastructure, and enhanced its AI safety mechanisms, including stronger content filters and the use of provenance metadata to trace image origins. The company’s broader effort focuses on digital safety, supporting affected customers, and advocating for systemic change, aiming to create a secure, respectful AI ecosystem while centering the needs of victims harmed by non-consensual image abuse. [more]

4. Assessing AI risk - Adobe’s style: While enthusiasm for generative AI continues to grow, responsible innovation requires a shift from viewing AI as a singular technology to evaluating its impact within specific real-world contexts. Despite sharing common foundations, AI applications range widely in complexity and risk, demanding context-sensitive guardrails. Effective AI governance must involve human oversight, especially for high-impact uses like agentic AI, and emphasize thorough testing and inclusive feedback to ensure relevance and safety. Companies like Adobe demonstrate this by integrating ethical review frameworks, such as their AI Ethics Impact Assessment, into product development. Ultimately, a flexible, context-driven approach—rooted in transparency, responsibility, and proactive risk mitigation—is essential to building trustworthy AI that serves society while minimizing harm. [more]

5. Bitcoin’s quantum risk: BlackRock has updated its S-1 registration for the iShares Bitcoin Trust (IBIT) to include potential risks from quantum computing, warning that future advancements could undermine Bitcoin's cryptographic security and allow unauthorized access to wallets. While such risks remain theoretical, BlackRock emphasized the importance of disclosing all possible threats. Bloomberg analyst James Seyffart noted that these disclosures are standard practice in ETF filings. Despite the caution, IBIT continues to lead the spot Bitcoin ETF market with over $5.1 billion in recent inflows. Additionally, BlackRock amended its Ethereum ETF filing to propose an in-kind redemption model, aiming to reduce costs and market friction, pending SEC approval. [more]

6. AI challenges in education: Generative AI, while powerful in identifying patterns from vast datasets to create new content, poses significant risks in academia where students often lack both the subject knowledge and AI literacy to critically assess its outputs. This leads to overreliance on AI, a loss of genuine learning, and a widening gap between true expertise and confident misinformation. The authors argue that universities must respond by integrating critical AI literacy across disciplines, emphasizing the intrinsic value of knowledge beyond credentials, and modeling “dual expertise” — combining subject mastery with informed AI engagement. Only through this can students be prepared to navigate and contribute meaningfully in an AI-driven world. [more]

7. Risk in the increasing complexity of cloud environments: The 2025 State of Cyber Security report by Check Point reveals that the increasing complexity of cloud environments is overwhelming security teams, as multi-cloud adoption, edge computing, and SaaS sprawl lead to fragmented visibility and control. Attackers are exploiting misconfigurations, hybrid infrastructures, and inconsistent defenses to launch sophisticated, cross-domain campaigns, often undetected. These risks are compounded by a growing skills gap, where undertrained staff struggle to manage evolving cloud-native threats, leading to missteps and delayed responses. With threat volumes rising—particularly infostealers and supply chain attacks—Check Point suggests organizations to consolidate tools, automate security, and invest in workforce upskilling to regain control and build long-term resilience. [more]

8. South African Airways’ cyber incident: South African Airways (SAA) experienced a significant cyber incident on May 3rd that temporarily disrupted its website, mobile app, and internal systems, prompting the airline to activate its disaster management and business continuity protocols. The swift response successfully contained the disruption, restored core operations the same day, and maintained essential customer service channels. An independent investigation is underway to determine the root cause and assess whether any data was compromised. SAA has notified relevant authorities, including the State Security Agency and Information Regulator, and reaffirmed its commitment to cybersecurity and operational integrity. This incident follows a recent cyberattack on MTN Group, which exposed customer data without compromising core systems. [more][more-2]

Web3 Cryptospace Spotlight

1. Coinbase infiltrated after hackers bribed overseas support staff for information: Coinbase disclosed that it expects to incur between $180 million and $400 million in remediation and voluntary customer reimbursement costs after a security breach in which attackers accessed sensitive customer information by bribing overseas employees. The stolen data included names, addresses, masked social security and bank account numbers, government ID images, and more, though two-factor authentication codes and private keys were not compromised. Coinbase immediately terminated the involved staff, notified law enforcement, and plans to pursue criminal charges. The company also received a $20 million ransom demand in bitcoin and has offered a $20 million bug bounty for information leading to an arrest. The confirmation of cyber criminal activity comes three months after on-chain sleuth ZachXBT claimed that Coinbase users had lost $300 million to social engineering scams. [more][more-2]

2. DeFi lacks transparency: A recent study by Exponential, a startup offering risk ratings for DeFi, reveals that protocols without publicly published audits are 68% more likely to suffer negative events like hacks, which often lead to project failure. Despite DeFi’s promise of transparency, rapid innovation often hides critical vulnerabilities. The research found that most protocols that caused user losses were unaudited, citing high-profile cases like Sonne and Ronin Bridge. Additional risk factors include the absence of multi-signature wallets and exposure to unstable assets like algorithmic stablecoins. Exponential emphasizes the need for clear risk assessments to protect users in an otherwise opaque market. [more]