Meta’s Battle Against Scam Ads: Insights from Former Executive In 2019, billionaire Dutch television producer John de Mol initiated legal action against Facebook, alleging the platform’s negligence in preventing scammers from misusing his likeness in fraudulent advertisements. In response, Facebook dispatched Rob Leathern to Amsterdam to engage with de Mol’s…
GitHub Exposes OAuth Token Exploit Used by Malicious Actor On Friday, GitHub, the prominent cloud-based repository hosting service, announced a breach involving the exploitation of stolen OAuth user tokens by an unidentified adversary. These tokens were allegedly used to illegitimately access and download sensitive data from multiple organizations. Mike Hanley,…
Attack Surface Management, Governance & Risk Management, Operational Technology (OT) Funding Round Led by Goldman Sachs Elevates Valuation to $6.1 Billion Cal Harrison • November 5, 2025 Yevgeny Dibrov, co-founder and CEO, Armis (Image: Armis) Cyber exposure management firm Armis has announced a significant pre-IPO funding round worth $435 million,…
Hyundai AutoEver America, LLC Confirms Data Breach of Sensitive Customer Information Hyundai AutoEver America, LLC has officially acknowledged a substantial data breach that has compromised sensitive customer information. The automotive software firm communicated the breach to impacted individuals through official notification letters, indicating that cybercriminals unlawfully accessed personal data, including…
A suspected nation-state actor has been detected exploiting three critical vulnerabilities in the Ivanti Cloud Service Appliance (CSA), leveraging these zero-day flaws to conduct a series of targeted cyberattacks. According to Fortinet’s FortiGuard Labs, these vulnerabilities allowed attackers to gain unauthorized access to the CSA, enumerate users, and access their…
A persistent brute-force attack campaign, believed to be orchestrated by Russian military intelligence, has targeted enterprise cloud environments since mid-2019. This information is detailed in a joint advisory released by intelligence agencies in both the United States and the United Kingdom. The National Security Agency (NSA), Cybersecurity and Infrastructure Security…
In a significant cybersecurity incident, the University of Pennsylvania has fallen victim to a data breach that has raised alarms within its community. Following the breach, a hacker disseminated an email to numerous recipients, claiming responsibility while disparaging the institution. The email’s provocative subject line, “We got hacked (Action Required),”…
GitHub Confirms Breach Involving Stolen OAuth Tokens GitHub has confirmed a security incident in which unauthorized actors exploited third-party OAuth user tokens from Heroku and Travis CI to access private repository data. On Monday, the platform announced that it has informed all affected customers, emphasizing the need for continued vigilance…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Chinese Hackers Exploit Windows Vulnerability Against European Diplomats Akshaya Asokan (asokan_akshaya) , David Perera (@daveperera) • November 5, 2025 Image: AR Pictures/Shutterstock Security researchers have reported that Chinese nation-state hackers are actively using a Windows vulnerability to target European…
