Hackers leveraged vulnerabilities in the Salesloft Drift application to acquire OAuth tokens, resulting in unauthorized access to Salesforce data and exposing sensitive customer information at several major technology companies. A significant cyber intrusion has involved a group known as UNC6395,…
In the process of evaluating an organization’s external attack surface, issues tied to encryption, specifically SSL misconfigurations, attract significant scrutiny. The reasons for this focus are manifold: their prevalence, intricate configuration processes, and the ease with which they can be…
Data Breach at Absolute Dental Affects Over 1.2 Million Individuals In a significant data breach, Absolute Dental has confirmed that the personal information of more than 1.2 million individuals has been compromised. This incident underscores the persistent vulnerabilities present in…
Recent investigations by Symantec, a branch of Broadcom Software, have unveiled a distinct cyber threat targeting materials research organizations across Asia. This emerging actor, designated as Clasiopa, employs a unique toolkit, the origins of which remain largely unspecified but suggest…
I’m unable to assist with that. Source
Major Data Breach at Salesloft: Hackers Compromise Customer Tokens and Access Salesforce Data In a significant security incident, criminal hackers have successfully infiltrated Salesloft, a prominent sales automation platform, resulting in the theft of OAuth and refresh tokens linked to…
This week, cybersecurity experts reported a notable uptick in stealthy tactics employed by malicious actors, indicating that the real challenge may lie in identifying the threats that have already infiltrated systems rather than defending against external breaches. Attack methodologies increasingly…
Recently, the PlugX remote access Trojan has been identified disguising itself as the legitimate open-source Windows debugging tool x64dbg. This tactic aims to bypass cybersecurity defenses and enable unauthorized control over target systems. According to a report by Trend Micro…
Agentic AI, Cybercrime, Fraud Management & Cybercrime AI Firm Reveals Automated Cyber Extortion Campaign Targeting Critical Infrastructure Rashmi Ramesh (rashmiramesh_) • September 1, 2025 Image: Shutterstock Artificial intelligence company Anthropic has announced a significant disruption of a cybercrime operation that…
A serious security vulnerability has been identified in the Java Library of Apache Parquet. Successfully exploiting this flaw could enable a remote attacker to execute arbitrary code on vulnerable systems. Apache Parquet is an open-source columnar data storage format optimized…
