The Breach News

The Importance of Ongoing Red Teaming for AI Security

Artificial Intelligence & Machine Learning, Black Hat, Events

NIST’s Apostol Vassilev Highlights the Importance of Dynamic Response Over Static Testing

Michael Novinson (MichaelNovinson) • August 11, 2025

Apostol Vassilev, Research Team Supervisor, National Institute of Standards and Technology

The expansion of artificial intelligence models has introduced complexities that make defending…

5 Identity-Based Vulnerabilities Behind Recent Retail Breaches

July 8, 2025
SaaS Security / Cyber Threats

From excessive admin privileges to neglected vendor tokens, attackers are capitalizing on weaknesses in trust and access. This article explores five significant retail breaches and the insights they provide. Major retailers like Adidas, The North Face, Dior, Victoria’s Secret, Cartier, Marks & Spencer, and Co-op have all faced breaches recently. Unlike traditional malware or zero-day exploits, these incidents were driven by identity exploitation—tapping into overprivileged access and unmonitored service accounts, often augmented by social engineering tactics.

Rather than forcing their way in, attackers simply logged in, moving stealthily through SaaS applications using legitimate credentials. Although many retailers have withheld specific technical details, clear patterns are emerging. Here’s a closer look at five notable breaches in the retail industry:

  1. Adidas: Leveraging third-party trust…

Identity-Based Attacks Compromising Retail: A Closer Look

In recent months, the retail sector has faced significant security breaches, exposing vulnerabilities that often stem from identity-based attacks rather than sophisticated malware. Major brands such as Adidas, The North Face, Dior, Victoria’s Secret, Cartier, Marks & Spencer, and Co-op were targeted, highlighting…

Salesforce Data Breach Impacting Multiple Companies – SOCRadar® Cyber Intelligence Inc.

Salesforce Data Breach Impacts Multiple Organizations

Recent reports indicate a significant data breach linked to Salesforce, affecting a number of prominent businesses across various sectors. This cybersecurity incident raises serious concerns among companies that rely on Salesforce’s services for customer relationship management and data handling. The breach highlights vulnerabilities within…

AMD Alerts Users to New Transient Scheduler Vulnerabilities Affecting Various CPU Models

Date: July 10, 2025
Category: Vulnerability / Hardware Security

AMD has issued a warning regarding a fresh wave of vulnerabilities impacting a wide array of chipsets, posing risks of data exposure. These vulnerabilities, known as Transient Scheduler Attacks (TSA), exploit speculative execution timing under certain microarchitectural conditions, creating a potential side channel in the CPUs. “In some instances, attackers could leverage this timing data to extract information from different contexts, leading to data leaks,” AMD stated in its advisory. The vulnerabilities were identified through research conducted by Microsoft and ETH Zurich, which tested modern CPUs against speculative execution threats like Meltdown and Foreshadow by examining isolation among security domains, including virtual machines, kernels, and processes. Following responsible disclosure in June 2024, the vulnerabilities have been assigned the following CVE identifiers: CVE-2024-36350 (CVSS score: 5.6).

AMD Issues Warning on Vulnerabilities Affecting a Wide Range of CPUs

In a recent advisory, semiconductor giant AMD has highlighted a new set of vulnerabilities that may compromise the security of various chipsets, potentially allowing unauthorized access to sensitive information. These vulnerabilities, grouped under the term Transient Scheduler Attacks (TSA),…

New Android Banking Malware ‘ToxicPanda’ Pilfers Funds Through Deceptive Transfers

Nov 05, 2024
Mobile Security / Cyber Attack

A newly discovered Android banking malware, dubbed ToxicPanda, has already compromised over 1,500 devices, enabling cybercriminals to execute fraudulent transactions. According to Cleafy researchers Michele Roviello, Alessandro Strino, and Federico Valentini, “ToxicPanda’s primary aim is to facilitate money transfers from infected devices through account takeover (ATO) techniques, leveraging a method known as on-device fraud (ODF).” The malware is designed to circumvent banking security measures that verify user identity and authenticate transactions, along with behavioral detection strategies used by banks to flag suspicious money transfers. It is believed that ToxicPanda is linked to a Chinese-speaking threat actor and bears notable similarities to another Android malware called TgToxic, which can steal user credentials and deplete crypto wallets. TgToxic was first reported by Trend Micro in early 2023.

New Android Banking Malware ‘ToxicPanda’ Exploits Devices for Fraudulent Transactions

November 5, 2024
Mobile Security / Cyber Attack

A newly discovered strain of Android banking malware, named ToxicPanda, has reportedly compromised over 1,500 Android devices, enabling cybercriminals to execute unauthorized banking transactions. According to researchers Michele Roviello, Alessandro Strino, and…

How Volunteering Shapes Careers in Cybersecurity

Recruitment & Reskilling Strategy, Training & Security Leadership

Cyber Volunteers Can Gain Real-World Experience While Protecting Communities

Brandy Harris • August 6, 2025

In the evolving landscape of cybersecurity, aspiring professionals often envision a path paved with certifications, technical tests, and entry-level positions demanding extensive preparation. However, the…

The Unexpected Culprit: Git Repositories

In the ever-evolving landscape of cyber threats, while phishing and ransomware consistently steal headlines, there is a more insidious risk that lurks beneath the surface in many organizations: the exposure of Git repositories that leak sensitive data. This risk quietly undermines security by creating shadow access to critical systems. Git…
