Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AP2 Protocol Introduces ‘Mandates’ to Ensure Accountability in Agent-Led Transactions Rashmi Ramesh (rashmiramesh_) • September 17, 2025 Image: Shutterstock/ISMG In an innovative move, Google has unveiled a new “agent payments protocol,” enabling artificial intelligence to facilitate consumer shopping while ensuring…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime MuddyWater Resumes Use of Bulletproof Hosting and Custom Malware Mathew J. Schwartz (euroinfosec) • September 17, 2025 Image: Iurii Stepanov/Shutterstock An Iranian state-sponsored hacking group, MuddyWater, is reportedly reviving its tactics by incorporating Microsoft Office documents with malicious macros into its attack…
A recent phishing assault has emerged, allegedly utilizing counterfeit PDF documents hosted on the Webflow content delivery network (CDN) with the aim of capturing credit card data and executing financial fraud. This operation specifically targets individuals searching for academic materials or documents through search engines. According to Netskope Threat Labs…
Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…
In early September 2023, Qrator Labs identified and successfully mitigated one of the year’s most consequential Layer 7 DDoS attacks, executed by what is currently recognized as the largest botnet in existence. This attack targeted a government organization and exploited 5.76 million compromised Internet of Things (IoT) devices, among other…
Okta, a pivotal player in identity and access management, reported an unauthorized access event involving its source code repositories earlier this month. The incident, which was disclosed on Wednesday, raises substantial concerns about the security practices surrounding sensitive organizational code. According to an official statement, Okta reassured stakeholders that “there…
Recent developments have emerged regarding the Salesloft Drift breach, which has impacted over 700 organizations across the globe. New victims have come forward, adding to the severity of the incident. On August 20, Salesloft and Salesforce announced they had severed ties between Drift, an AI-powered chatbot for sales and marketing,…
Cybercriminals continue to exploit Microsoft Word and Excel documents as conduits for malware delivery as we advance through 2025. These methods remain effective, leveraging phishing tactics and zero-click exploits to infiltrate targets with relative ease, particularly in corporate settings where Office documents are routinely shared. This year, there are three…
Identity & Access Management, Security Operations Salesloft Reports GitHub Repository Compromised by Cyber Attackers Greg Sirico • September 8, 2025 Image: Shutterstock Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…
