Palo Alto Networks, Zscaler and PagerDuty Hit in Salesforce Linked Data Breaches
Hackers exploited the Salesloft Drift app to steal OAuth tokens and access Salesforce data, exposing customer details at…
Cyber Attack
Prompt Injection Attacks Can Exploit AI-Powered Cybersecurity Tools
Researchers have demonstrated that advanced prompt injection techniques can turn defensive AI agents into potent vectors for system compromise. The findings, detailed in a new preprint titled “Cybersecurity AI: Hacking the AI Hackers via Prompt Injecti…
Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT
Check Point reports Silver Fox APT using a signed WatchDog driver flaw to disable Windows security and deliver…
North Korea’s ScarCruft Targets Academics With RokRAT Malware
A new report reveals North Korea-linked ScarCruft is using RokRAT malware to target academics in a phishing campaign.…
Amazon Disrupts Russian APT29 Watering Hole Targeting Microsoft Authentication
Amazon has disrupted a Russian APT29 watering hole campaign that used compromised sites to target Microsoft authentication with…
Salesforce Publishes Forensic Guide After Series of Cyberattacks
Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within their Salesforce environments. The new guide distills best practices across three critic…
8 Malicious NPM Packages Stole Chrome User Data on Windows
JFrog researchers found eight malicious NPM packages using 70 layers of obfuscation to steal data from Chrome browser…
TransUnion Data Breach: 4.4 Million US Consumers’ Data Stolen
A TransUnion data breach exposed 4.4 million US consumers’ Social Security numbers via a Salesforce hack. The attack…
State of Nevada Faces IT Outage Amid Cyberattack, Offices Suspended
The State of Nevada became the target of a significant cyberattack which resulted in a substantial network security incident impacting government infrastructure across multiple agencies. According to an official communication from the Governor’s Techno…
Thousands of Developer Credentials Stolen in macOS “s1ngularity” Attack
A supply chain attack called “s1ngularity” on Nx versions 20.9.0-21.8.0 stole thousands of developer credentials. The attack targeted…