Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Three-Year Espionage Campaign Targets Taiwanese Firms Akshaya Asokan (asokan_akshaya) • November 21, 2025 (Image: Shutterstock) Security researchers have uncovered a multi-year espionage operation attributed to a hacking group with suspected ties to the Chinese government. This sustained campaign, lasting three years,…
Salesforce Detects Unauthorized Activity Linked to Gainsight Applications On November 21, Salesforce informed its customers of unusual activity tied to applications developed by Gainsight, which are directly managed by users. The detection of this atypical behavior raised concerns regarding potential unauthorized access to sensitive Salesforce data through its connection with…
A significant data breach has occurred involving a campaigning site utilized by Likud, the political party led by Israeli Prime Minister Benjamin Netanyahu. The breach has exposed sensitive personal information belonging to approximately 6.5 million eligible Israeli voters, occurring just weeks ahead of the upcoming legislative elections. In Israel, political…
Government, Healthcare, Industry Specific Also: Akira Ransomware Targets Healthcare, AI’s Sycophancy Becomes a Security Risk Anna Delaney (annamadeline) • November 21, 2025 Clockwise, from top left: Anna Delaney, Tony Morbin, Chris Riotta, and Marianne Kolbasuk McGee This week’s ISMG Editors’ Panel convened a discussion among four seasoned editors, who addressed…
EXCLUSIVE ShinyHunters has reportedly taken responsibility for a security breach at Gainsight, further compromising the data of numerous Salesforce customers. This breach expands the ongoing ramifications of earlier cyber incidents, particularly the Salesloft Drift hack from earlier this year, which ShinyHunters claims provided them with the initial access to Gainsight’s…
T-Mobile Data Breach Exposes Sensitive Information of Customers and Employees T-Mobile, the prominent US telecommunications provider, has recently reported a serious data breach that has compromised the personal and account-related information of its customers and employees. This incident raises significant concerns about cybersecurity vulnerabilities in the telecom sector, particularly for…
Governance & Risk Management, Healthcare, Industry Specific Settlement Approved in Class Action Linked to Former Employee’s Data Breach Marianne Kolbasuk McGee (HealthInfoSec) • November 20, 2025 A federal court has granted preliminary approval for a $5 million settlement in a breach lawsuit involving a former Nuance employee and Geisinger Health.…
— In the wake of the recent Gainsight incident, Chief Information Security Officers (CISOs) and security teams are urged to take immediate action to safeguard their organizations against potential vulnerabilities in their Software as a Service (SaaS) environments. Cybersecurity expert, Larsen, emphasized the importance of viewing this incident as a…
Massive Data Exposure Affects Over 200 Million US Citizens In a significant breach of security, more than 200 million records containing sensitive information about US residents were left unprotected in an unsecured online database. The database, hosted on Google Cloud, required no password or authentication for access, making it vulnerable…
