In the midst of escalating tensions between the United States and Iran, President Donald Trump issued dire warnings as both nations engaged in ceasefire negotiations. Concurrently, US officials disclosed that hackers linked to Iran have targeted critical energy and water infrastructure in the United States. This alarming development occurs against…
Critical Security Updates for Apple iOS and macOS Released to Address Actively Exploited Vulnerabilities
September 24, 2021
On Thursday, Apple launched important security updates to tackle multiple vulnerabilities in older iOS and macOS versions, which have been exploited in real-world attacks. This release also expands on previous patches for a security flaw targeted by NSO Group’s Pegasus spyware aimed at iPhone users.
Notably, CVE-2021-30869, a type confusion vulnerability within Apple’s XNU kernel, could allow malicious apps to execute arbitrary code with elevated privileges. Apple has improved state handling to mitigate this issue. Google’s Threat Analysis Group, which reported the vulnerability, noted it was being exploited alongside a remote code execution vulnerability affecting WebKit.
Additionally, Apple addressed two more vulnerabilities, CVE-2021-30858 and CVE-2021-30860, which were patched earlier this month.
Apple Issues Critical Updates to Address Zero-Day Vulnerabilities in iOS and macOS September 24, 2021 Apple has issued important security updates for older versions of iOS and macOS in response to vulnerabilities that are currently being actively exploited. The company identified these issues during its ongoing security monitoring and reported…
Critical Security Updates for Apple iOS and macOS Released to Address Actively Exploited Vulnerabilities
September 24, 2021
On Thursday, Apple launched important security updates to tackle multiple vulnerabilities in older iOS and macOS versions, which have been exploited in real-world attacks. This release also expands on previous patches for a security flaw targeted by NSO Group’s Pegasus spyware aimed at iPhone users.
Notably, CVE-2021-30869, a type confusion vulnerability within Apple’s XNU kernel, could allow malicious apps to execute arbitrary code with elevated privileges. Apple has improved state handling to mitigate this issue. Google’s Threat Analysis Group, which reported the vulnerability, noted it was being exploited alongside a remote code execution vulnerability affecting WebKit.
Additionally, Apple addressed two more vulnerabilities, CVE-2021-30858 and CVE-2021-30860, which were patched earlier this month.
Oct 25, 2013
Last Tuesday, the National Police Agency of South Korea issued a warning about the proliferation of malware-infected video games available in the South Korean market, designed to facilitate cyberattacks against the country. This malware collects users’ location data and IP addresses, reportedly transmitting the information to servers based in North Korea.
Today, AhnLab, South Korea’s leading antivirus company, confirmed that they have detected distributed denial-of-service (DDoS) attacks targeting the websites of local businesses. The report indicates that approximately 16 websites belonging to 13 companies, including Daum, MSN, and the JoongAng Ilbo newspaper, have been affected. AhnLab noted that around 10,000 computers were compromised, primarily due to the failure to install or update antivirus programs since the last cyberattack in July. The attack was first identified around 4:00 p.m. on Thursday, impacting roughly 10,000 systems.
South Korea Faces Cyber Threats: Android Trojan, Malware in Gaming Apps, and DDoS Attacks On October 25, 2013, South Korea’s National Police Agency issued a stark warning regarding an alarming emergence of malware-laden video games infiltrating local markets. These applications are believed to serve as conduits for orchestrated cyber attacks…
Oct 25, 2013
Last Tuesday, the National Police Agency of South Korea issued a warning about the proliferation of malware-infected video games available in the South Korean market, designed to facilitate cyberattacks against the country. This malware collects users’ location data and IP addresses, reportedly transmitting the information to servers based in North Korea.
Today, AhnLab, South Korea’s leading antivirus company, confirmed that they have detected distributed denial-of-service (DDoS) attacks targeting the websites of local businesses. The report indicates that approximately 16 websites belonging to 13 companies, including Daum, MSN, and the JoongAng Ilbo newspaper, have been affected. AhnLab noted that around 10,000 computers were compromised, primarily due to the failure to install or update antivirus programs since the last cyberattack in July. The attack was first identified around 4:00 p.m. on Thursday, impacting roughly 10,000 systems.
Lego-themed propaganda videos that accuse parties of war crimes are rapidly infiltrating social media platforms, reflecting a strategic shift in information warfare reminiscent of the White House’s recent use of cryptic video teasers and meme-inspired visuals. This trend signifies more than just a change in content style; it represents a…
Sep 08, 2025
Cybersecurity / Hacking News
Cybersecurity constantly evolves, with each week bringing fresh threats, vulnerabilities, and crucial lessons for defenders. For security and IT teams, the challenge lies in discerning which risks demand immediate attention. This digest aims to provide a straightforward briefing to help prioritize what matters most.
This week, the notable story is the Salesloft–Drift breach, where attackers compromised OAuth tokens, gaining access to Salesforce data from major tech companies. This incident underscores how fragile integrations can become critical vulnerabilities in enterprise defenses.
Additionally, we’ll discuss several high-risk CVEs currently under active exploitation, the latest strategies of advanced threat actors, and new insights on streamlining security workflows for greater efficiency. Each section delivers essential information, ensuring you stay informed and prepared without being overwhelmed.
⚡ Threat of the Week
Salesloft to Take Drift of…
Weekly Cybersecurity Update: Major Data Breach at Salesloft Linked to Drift, Ongoing Threats, and Rising Cyber Intelligence September 08, 2025 Cybersecurity / Hacking News The landscape of cybersecurity remains in constant flux, with each week bringing fresh challenges, vulnerabilities, and essential takeaways for security professionals. For IT departments, navigating these…
Sep 08, 2025
Cybersecurity / Hacking News
Cybersecurity constantly evolves, with each week bringing fresh threats, vulnerabilities, and crucial lessons for defenders. For security and IT teams, the challenge lies in discerning which risks demand immediate attention. This digest aims to provide a straightforward briefing to help prioritize what matters most.
This week, the notable story is the Salesloft–Drift breach, where attackers compromised OAuth tokens, gaining access to Salesforce data from major tech companies. This incident underscores how fragile integrations can become critical vulnerabilities in enterprise defenses.
Additionally, we’ll discuss several high-risk CVEs currently under active exploitation, the latest strategies of advanced threat actors, and new insights on streamlining security workflows for greater efficiency. Each section delivers essential information, ensuring you stay informed and prepared without being overwhelmed.
⚡ Threat of the Week
Salesloft to Take Drift of…
Cisco Issues Patches for Three Critical Vulnerabilities in IOS XE Software
On September 24, 2021, Cisco Systems announced the release of patches to address three critical security vulnerabilities in its IOS XE network operating system. These flaws could allow remote attackers to execute arbitrary code with administrative privileges and potentially trigger a denial-of-service (DoS) condition on affected devices. The identified vulnerabilities are as follows:
The most critical issue, CVE-2021-34770, is described by Cisco as a “logic error” occurring during the processing of CAPWAP (Control and Provisioning of Wireless Access Points) packets, which allows a central wireless controller to manage access points.
Cisco Issues Critical Security Patches for IOS XE Software Vulnerabilities On September 24, 2021, Cisco Systems announced the release of critical patches addressing three significant security vulnerabilities within its IOS XE network operating system. These vulnerabilities could allow remote attackers to execute arbitrary code with administrative privileges and potentially initiate…
Cisco Issues Patches for Three Critical Vulnerabilities in IOS XE Software
On September 24, 2021, Cisco Systems announced the release of patches to address three critical security vulnerabilities in its IOS XE network operating system. These flaws could allow remote attackers to execute arbitrary code with administrative privileges and potentially trigger a denial-of-service (DoS) condition on affected devices. The identified vulnerabilities are as follows:
The most critical issue, CVE-2021-34770, is described by Cisco as a “logic error” occurring during the processing of CAPWAP (Control and Provisioning of Wireless Access Points) packets, which allows a central wireless controller to manage access points.
Israeli Traffic Control System Hacked, Leading to Major Jam on Haifa Highway
Oct 28, 2013
Israel, recognized as a leader in cybersecurity, remains a prime target for hostile governments seeking to undermine its technological advancements. Recently, cybersecurity experts reported a significant cyberattack on a key roadway in northern Haifa, resulting in severe traffic congestion. Military officials are vigilant about the potential impact of large-scale cyber threats on the nation’s infrastructure. According to Ofir Ben Avi, head of the government’s website division, Israeli government websites face thousands of cyberattacks daily. Additionally, the Israel Electric Corporation noted an alarming rate of approximately 6,000 unique cyber attacks per second on its servers. In June, Prime Minister Benjamin Netanyahu highlighted that Iranian militia, Hezbollah, and Hamas have consistently targeted Israel.
Israeli Road Control System Compromised, Leading to Major Traffic Disruptions on Haifa Highway October 28, 2013 In a striking incident underscoring the vulnerabilities inherent in even the most robust cyber infrastructures, Israel’s national road control system was hacked, resulting in significant traffic jams on the Haifa Highway. This disruption serves…
Israeli Traffic Control System Hacked, Leading to Major Jam on Haifa Highway
Oct 28, 2013
Israel, recognized as a leader in cybersecurity, remains a prime target for hostile governments seeking to undermine its technological advancements. Recently, cybersecurity experts reported a significant cyberattack on a key roadway in northern Haifa, resulting in severe traffic congestion. Military officials are vigilant about the potential impact of large-scale cyber threats on the nation’s infrastructure. According to Ofir Ben Avi, head of the government’s website division, Israeli government websites face thousands of cyberattacks daily. Additionally, the Israel Electric Corporation noted an alarming rate of approximately 6,000 unique cyber attacks per second on its servers. In June, Prime Minister Benjamin Netanyahu highlighted that Iranian militia, Hezbollah, and Hamas have consistently targeted Israel.
Rockstar Games Faces Potential Data Leak Threat from ShinyHunters Group Rockstar Games has recently been thrust into the headlines not due to ongoing discussions surrounding the much-anticipated Grand Theft Auto VI, but because the ShinyHunters hacking group has claimed to infiltrate the company’s Snowflake environment. The group alleges that a…
Sep 08, 2025
Supply Chain Attack / API Security
Salesloft has announced that the breach associated with its Drift application originated from a compromised GitHub account. An investigation by Google-owned Mandiant revealed that the threat actor, identified as UNC6395, accessed the Salesloft GitHub account over a span of three months, from March to June 2025. The method of access to the GitHub account remains unknown. Currently, 22 companies have reported being impacted by this supply chain breach. According to Salesloft’s advisory, the attackers leveraged this access to download content from various repositories, add a guest user, and establish workflows. The investigation also revealed that reconnaissance activities were taking place within the Salesloft and Drift application environments during the same time frame. However, it noted that there is no indication of any actions beyond these limited reconnaissance efforts. In the subsequent phase, the attackers gained access to Drift’s Amazon Web Services (AWS)…
GitHub Account Compromise Leads to Data Breach at Salesloft, Impacting 22 Companies In a development that underscores the vulnerabilities in software supply chains, Salesloft has disclosed that a significant data breach associated with its Drift application originated from the compromise of its GitHub account. This incident was investigated by Mandiant,…
Sep 08, 2025
Supply Chain Attack / API Security
Salesloft has announced that the breach associated with its Drift application originated from a compromised GitHub account. An investigation by Google-owned Mandiant revealed that the threat actor, identified as UNC6395, accessed the Salesloft GitHub account over a span of three months, from March to June 2025. The method of access to the GitHub account remains unknown. Currently, 22 companies have reported being impacted by this supply chain breach. According to Salesloft’s advisory, the attackers leveraged this access to download content from various repositories, add a guest user, and establish workflows. The investigation also revealed that reconnaissance activities were taking place within the Salesloft and Drift application environments during the same time frame. However, it noted that there is no indication of any actions beyond these limited reconnaissance efforts. In the subsequent phase, the attackers gained access to Drift’s Amazon Web Services (AWS)…