Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Extent of Breach Still Unfolding; Reports Indicate Hundreds of Organizations Impacted Mathew J. Schwartz (euroinfosec) • September 3, 2025 Image: Shutterstock A series of data breaches linked to the theft of access tokens from the marketing software provider Salesloft’s Drift AI…
Recently, threat actors have exploited two newly discovered critical vulnerabilities within Craft CMS, indicated by experts in the field as part of zero-day attacks aimed at unauthorized server access. The campaign was first highlighted by Orange Cyberdefense SensePost on February 14, 2025, as attackers started leveraging a combination of significant…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Over 1,100 Ollama Servers Expose Enterprise Models to Cyber Risks: Cisco Talos Rashmi Ramesh (rashmiramesh_) • September 3, 2025 Image: Shutterstock A concerning security report from Cisco Talos reveals that over 1,100 Ollama servers, which use artificial intelligence to deploy…
Cloudflare has successfully mitigated an unprecedented DDoS (Distributed Denial of Service) attack, with a peak bandwidth of 11.5 terabits per second, which lasted approximately 35 seconds without causing any disruption to online services. In what marks a significant milestone in cybersecurity defenses, Cloudflare effectively countered the largest recorded DDoS attack…
This week, cybersecurity continues to grapple with the persistent ingenuity of threat actors. A combination of misconfigured settings, overlooked vulnerabilities, and the excessive convenience of cloud tools serves as gateways for these malicious actors. A pressing concern arises when the perpetrators of these attacks find themselves in the crosshairs, suggesting…
Cloudflare Confirms Impact from Salesloft Drift Breach On Tuesday, Cloudflare disclosed its involvement in the Salesloft Drift breach, confirming that cybercriminals obtained 104 API tokens associated with its platform. Despite the breach, Cloudflare’s security team, led by Sourov Zaman, Craig Strubhart, and Grant Bourzikas, reported no detected suspicious activity linked…
In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise products, with 20 affecting security software and appliances. The Google…
Gcore Fends Off Massive DDoS Attack Targeting Client’s CDN Infrastructure In early January, Gcore successfully mitigated a significant cyber assault comprised of multiple Layer 3 and Layer 4 Distributed Denial-of-Service (DDoS) attacks that surged to a record peak of 650 Gbps. The attackers leveraged an extensive network of over 2,000…
Cybersecurity researcher Jeremiah Fowler has identified a misconfigured and unsecured server that exposed 378 GB of sensitive internal files belonging to Navy Federal Credit Union (NFCU), the largest credit union in the United States serving military personnel. Fortunately, no member data was compromised during this incident. This server, shared with…
