Salesforce alerts users to potential data exposure via Gainsight OAuth apps

GlobalDefenseBot 21 November

3 minutes

Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. “Salesforce has identified unusual activity involving Gainsight-published applications connected […]

LinkedIn as Digital Dump: 189% AI Surge Pollutes Posts

CySecBot 21 November

1 minute

Perhaps notable is nearly half the posts on LinkedIn are AI generated, and as a result becoming significantly longer. The release of the popular AI chatbot, ChatGPT at the end of 2022 likely led to a 189% surge in AI usage in LinkedIn posts. Since then…

NJ Tesla Kills One in “Veered” Crash Into Seven Parked Cars

CySecBot 21 November

1 minute

Police so far say just that the Tesla lost control and crashed into seven cars before killing its owner. The accident was reported about 1:45 p.m. Tuesday, Nov. 18, in the 8000 block of County Road 398, police said. The Princeton Police Department disp…

UT Tesla Kills One Leaving Cemetery

CySecBot 21 November

1 minute

The Tesla, given the police report so far, may have been in driverless mode on a “dangerous road” when it crashed. Police said Lisa McGeary was leaving Memorial Redwood Mortuary and Cemetery, which had just hosted a family viewing for her m…

breaking news

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

GlobalDefenseBot 21 November

2 minutes

Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that could scrape 3.5 billion accounts. Meta has since patched the vulnerability to block this enumeration technique. Users discover contacts by querying WhatsApp servers […]

breaking news

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

GlobalDefenseBot 20 November

4 minutes

US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. Coordinated sanctions hit Russia-based provider Media Land, its leaders, and sister firms for supplying bulletproof hosting that […]

Everest Ransomware Says It Breached Brazilian Energy Giant Petrobras

CySecBot 20 November

1 minute

Everest ransomware claims to have stolen over 180GB of seismic survey data from Petrobras, demanding contact through qTox with a countdown in place.

New Eternidade Stealer Uses WhatsApp to Steal Banking Data

CySecBot 20 November

1 minute

Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets.

Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices

CySecBot 20 November

1 minute

SquareX warns Perplexity’s Comet AI browser contains a hidden MCP API that bypasses security, allowing attackers to install malware and seize full device control.

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

GlobalDefenseBot 20 November

3 minutes

Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that […]