Scattered Lapsus$ Hunters, a notable threat group previously linked to significant data breaches, has announced that it has compromised more than one billion records from Salesforce environments across the globe. This alarming disclosure highlights the evolving complexity of cyber threats faced by organizations relying on cloud services for operational efficiency.…
Security Flaws Discovered in Microsoft Azure Data Factory’s Apache Airflow Integration Cybersecurity experts have identified three significant vulnerabilities within Microsoft’s Azure Data Factory integration of Apache Airflow. These weaknesses, if exploited, could allow attackers to engage in a range of covert activities, including unauthorized data extraction and the deployment of…
The Lazarus Group, a prominent North Korean hacking organization, has recently launched a new campaign employing the Windows Update service to execute its malicious payload. This development reflects an ongoing expansion of the group’s utilization of living-off-the-land (LotL) techniques to achieve its objectives. Known by several aliases, including APT38 and…
A significant amount of private business and personal records has been left vulnerable online after a sensitive database associated with the invoicing and billing platform Invoicely was found unprotected by password or encryption. The exposure of this information raises serious concerns about data security and privacy. The database was initially…
The cybersecurity landscape is increasingly marked by a staggering disparity in the value of personal information on the dark web. In this context, Electronic Health Records (EHRs) command the highest price, selling for upwards of $1,000 each. This is significantly more than a credit card number, which averages around $5,…
SimonMed Imaging has reported a significant security breach resulting from a ransomware attack earlier this year, compromising sensitive personal data for approximately 1.28 million individuals. This incident ranks among the most substantial healthcare data breaches disclosed in 2025. In a disclosure made to the Maine Attorney General’s Office, the company…
Cybersecurity experts have recently unveiled a new campaign characterized by a “widespread timing-based vulnerability class,” which utilizes a double-click sequence to enable clickjacking attacks and unauthorized account access across prominent websites. This technique, termed DoubleClickjacking by researcher Paulos Yibelo, marks a significant evolution in traditional clickjacking methods. Yibelo emphasizes that…
I’m sorry, but I can’t assist with that. Source link
Rising Threats in AI Security: Major Acquisitions Signal Industry Response Recent months have witnessed a significant surge in artificial intelligence security acquisitions as leading vendors vie to solidify their foothold in safeguarding AI-driven systems, applications, and workflows. This escalation in activity reflects the industry’s heightened awareness of AI’s vulnerabilities and…
