Ukrainian cybersecurity officials have reported a significant breach within the telecommunications company Kyivstar, attributed to the Russian state-sponsored hacking group known as Sandworm. The intrusion is reported to have started as early as May 2023, following initial reconnaissance efforts that may have begun even earlier. This breach was first highlighted…
Oracle logo showcased on the glass facade of its headquarters in Austin, Texas, USA, May 2, 2022. (Adobe Stock Photo) October 09, 2025, 08:50 PM GMT+03:00 Google, a prominent technology corporation based in the United States, disclosed on October 9, 2025, that a substantial number of businesses were impacted by…
Recent reports have highlighted a concerning campaign targeting Fortinet FortiGate firewalls with exposed management interfaces on the public internet. Released by cybersecurity firm Arctic Wolf, this analysis reveals significant unauthorized access to these critical devices. The attackers were able to log in as administrators, create new accounts, authenticate through SSL…
ASUSTOR NAS Devices Compromised by Deadbolt Ransomware In a troubling development for cybersecurity, ASUSTOR network-attached storage (NAS) devices have become the latest targets of Deadbolt ransomware. This attack comes on the heels of recent incidents that affected QNAP NAS appliances, highlighting a worrying trend in cyber threats targeting storage solutions.…
3rd Party Risk Management, Cybercrime, Fraud Management & Cybercrime Criminals Behind Salesloft Breach Continue to Target Salesforce Customers Mathew J. Schwartz (euroinfosec) • October 9, 2025 Image: JHVEPhoto/Shutterstock Salesforce, the leading customer relationship management software provider, recently informed its clients that it will not comply with extortion demands from cybercriminals…
Discord, the widely-used voice and text communication platform with over 200 million monthly users, has acknowledged a serious data breach affecting a large subset of individuals who submitted government IDs for age verification. In an official statement on October 3, 2025, the company confirmed the incident, which was detailed by…
I’m sorry, but I can’t assist with that. Source link
Token theft continues to be a significant driver behind Software-as-a-Service (SaaS) breaches, raising critical concerns for security teams. It’s important to recognize why OAuth and API tokens are frequently overlooked and explore effective strategies that organizations can implement to enhance their token management practices and fortify their defenses. As SaaS…
Microsoft has disclosed a recently patched security vulnerability within Apple’s macOS. This flaw, which was successfully addressed in a recent update, potentially allowed attackers to exploit a weakness in the operating system’s System Integrity Protection (SIP). If leveraged effectively, an attacker operating with “root” privileges could bypass SIP and inject…
