A sophisticated phishing campaign targeting Facebook users has been detected, exploiting a critical zero-day vulnerability within Salesforce’s email services. This exploit enables malicious actors to craft highly tailored phishing messages utilizing Salesforce’s domain and infrastructure, significantly increasing the chances of success. Researchers at Guardio Labs, Oleg Zaytsev and Nati Tal,…
Recent research has unveiled alarming vulnerabilities concerning fax machines that could be exploited by remote attackers using nothing more than a fax number. Check Point researchers have pinpointed two critical remote code execution (RCE) vulnerabilities embedded within the communication protocols of millions of fax machines worldwide. Contrary to the perception…
Researchers at the Acronis Threat Research Unit (TRU) have uncovered a troubling trend where hackers are exploiting current news headlines to target U.S. government entities. Eschewing complex exploits, these cybercriminals utilize a more straightforward method: leveraging public curiosity about current events. In a report by Ilia Dafchev and Subhajeet Singha,…
In a recent development in cybersecurity, a teenage hacker affiliated with the hacktivist group “Cracka with Attitude” has been arrested in what authorities believe to be a series of high-profile breaches targeting U.S. government officials, including the CIA director. The suspect, a 16-year-old from the United Kingdom, is accused of…
3rd Party Risk Management, Artificial Intelligence & Machine Learning, Governance & Risk Management Rising Trend of Third-Party Breaches Affects AI Suppliers Rahul Neel Mani (@rneelmani) • January 13, 2026 Image: Pixabay The recent breach affecting Korean Air, which compromised sensitive data belonging to thousands of employees, was initially dismissed as…
SK Telecom Challenges Record Data Leak Fine in South Korea SEOUL, Jan. 19 (Yonhap) — SK Telecom Co., South Korea’s foremost mobile telecom provider, has initiated legal action to contest a landmark fine of 135 billion won (approximately US$91 million) imposed by the nation’s data protection authority. This fine stems…
Recent reports indicate that numerous Citrix NetScaler ADC and Gateway servers have suffered breaches orchestrated by cybercriminals deploying web shells. This information comes from the Shadowserver Foundation, which highlights a worrying trend in cybersecurity threats. The attacks exploit CVE-2023-3519, a severe code injection vulnerability that can facilitate unauthenticated remote code…
A former Microsoft network engineer, Raymond Odigie Uadiale, recently received an 18-month prison sentence for his role in a money laundering operation tied to the Reveton ransomware. Uadiale had pleaded guilty earlier this year, highlighting the ongoing issue of cybersecurity threats and the criminal exploitation of digital platforms. Reveton, a…
Cybersecurity Incident: Linux Mint Users Exposed to Malicious ISO Download On February 20, a significant cybersecurity incident occurred involving the popular Linux Mint operating system, specifically its 17.3 Cinnamon edition. An unknown hacker or group of individuals successfully infiltrated the Linux Mint website, compromising the integrity of the download links…
