Tag cybersecurity

⚡ Weekly Update: Drift Breach Unveiled, Active Zero-Days, Patch Alerts, Evolving Threats & More

 
Sep 08, 2025
Cybersecurity / Hacking News

Cybersecurity constantly evolves, with each week bringing fresh threats, vulnerabilities, and crucial lessons for defenders. For security and IT teams, the challenge lies in discerning which risks demand immediate attention. This digest aims to provide a straightforward briefing to help prioritize what matters most.

This week, the notable story is the Salesloft–Drift breach, where attackers compromised OAuth tokens, gaining access to Salesforce data from major tech companies. This incident underscores how fragile integrations can become critical vulnerabilities in enterprise defenses.

Additionally, we’ll discuss several high-risk CVEs currently under active exploitation, the latest strategies of advanced threat actors, and new insights on streamlining security workflows for greater efficiency. Each section delivers essential information, ensuring you stay informed and prepared without being overwhelmed.

Threat of the Week
Salesloft to Take Drift of…

Weekly Cybersecurity Update: Major Data Breach at Salesloft Linked to Drift, Ongoing Threats, and Rising Cyber Intelligence September 08, 2025 Cybersecurity / Hacking News The landscape of cybersecurity remains in constant flux, with each week bringing fresh challenges, vulnerabilities, and essential takeaways for security professionals. For IT departments, navigating these…

Read More

⚡ Weekly Update: Drift Breach Unveiled, Active Zero-Days, Patch Alerts, Evolving Threats & More

 
Sep 08, 2025
Cybersecurity / Hacking News

Cybersecurity constantly evolves, with each week bringing fresh threats, vulnerabilities, and crucial lessons for defenders. For security and IT teams, the challenge lies in discerning which risks demand immediate attention. This digest aims to provide a straightforward briefing to help prioritize what matters most.

This week, the notable story is the Salesloft–Drift breach, where attackers compromised OAuth tokens, gaining access to Salesforce data from major tech companies. This incident underscores how fragile integrations can become critical vulnerabilities in enterprise defenses.

Additionally, we’ll discuss several high-risk CVEs currently under active exploitation, the latest strategies of advanced threat actors, and new insights on streamlining security workflows for greater efficiency. Each section delivers essential information, ensuring you stay informed and prepared without being overwhelmed.

Threat of the Week
Salesloft to Take Drift of…

Israeli Traffic Control System Hacked, Leading to Major Jam on Haifa Highway

Oct 28, 2013

Israel, recognized as a leader in cybersecurity, remains a prime target for hostile governments seeking to undermine its technological advancements. Recently, cybersecurity experts reported a significant cyberattack on a key roadway in northern Haifa, resulting in severe traffic congestion. Military officials are vigilant about the potential impact of large-scale cyber threats on the nation’s infrastructure. According to Ofir Ben Avi, head of the government’s website division, Israeli government websites face thousands of cyberattacks daily. Additionally, the Israel Electric Corporation noted an alarming rate of approximately 6,000 unique cyber attacks per second on its servers. In June, Prime Minister Benjamin Netanyahu highlighted that Iranian militia, Hezbollah, and Hamas have consistently targeted Israel.

Israeli Road Control System Compromised, Leading to Major Traffic Disruptions on Haifa Highway October 28, 2013 In a striking incident underscoring the vulnerabilities inherent in even the most robust cyber infrastructures, Israel’s national road control system was hacked, resulting in significant traffic jams on the Haifa Highway. This disruption serves…

Read More

Israeli Traffic Control System Hacked, Leading to Major Jam on Haifa Highway

Oct 28, 2013

Israel, recognized as a leader in cybersecurity, remains a prime target for hostile governments seeking to undermine its technological advancements. Recently, cybersecurity experts reported a significant cyberattack on a key roadway in northern Haifa, resulting in severe traffic congestion. Military officials are vigilant about the potential impact of large-scale cyber threats on the nation’s infrastructure. According to Ofir Ben Avi, head of the government’s website division, Israeli government websites face thousands of cyberattacks daily. Additionally, the Israel Electric Corporation noted an alarming rate of approximately 6,000 unique cyber attacks per second on its servers. In June, Prime Minister Benjamin Netanyahu highlighted that Iranian militia, Hezbollah, and Hamas have consistently targeted Israel.

How Top CISOs Secure Budget Approval

As budget season approaches, security often faces scrutiny and can become a lower priority. If you’re a CISO or security leader, you probably find yourself justifying the need for your programs, tools, or additional team members, emphasizing that the next security breach is just one oversight away. However, these arguments can falter unless articulated in a way that resonates with the board. According to Gartner, 88% of boards view cybersecurity as a business risk rather than just an IT concern, yet many security leaders still face challenges in elevating the importance of cybersecurity within their organizations. To make security issues resonate with the board, it’s crucial to communicate in terms of business continuity, compliance, and financial implications. Here are a few strategies to help you reframe the conversation, simplifying the technical complexities into clear business objectives.

Acknowledge the Serious Risks

Cyber threats are continually evolving, ranging from ransomware to supply chain attacks, and…

How Leading CISOs Secure Budget Approval for Cybersecurity Initiatives As budget season approaches, cybersecurity often becomes a focal point of scrutiny. For Chief Information Security Officers (CISOs) and security leaders, articulating the significance of their programs, essential tools, and necessary personnel can feel challenging, especially when the conversation strays into…

Read More

How Top CISOs Secure Budget Approval

As budget season approaches, security often faces scrutiny and can become a lower priority. If you’re a CISO or security leader, you probably find yourself justifying the need for your programs, tools, or additional team members, emphasizing that the next security breach is just one oversight away. However, these arguments can falter unless articulated in a way that resonates with the board. According to Gartner, 88% of boards view cybersecurity as a business risk rather than just an IT concern, yet many security leaders still face challenges in elevating the importance of cybersecurity within their organizations. To make security issues resonate with the board, it’s crucial to communicate in terms of business continuity, compliance, and financial implications. Here are a few strategies to help you reframe the conversation, simplifying the technical complexities into clear business objectives.

Acknowledge the Serious Risks

Cyber threats are continually evolving, ranging from ransomware to supply chain attacks, and…

China Asserts Commitment to International Collaboration in Addressing Cybersecurity Challenges

On November 6, 2013, at Stanford University, cybersecurity experts and leaders from over 40 nations convened to discuss the pressing issues of cyberspace security and international collaboration. The increasingly borderless nature of the internet highlights the urgent need for cooperative efforts in cybersecurity. Cai Mingzhao, Minister of the State Council Information Office of China, expressed the country’s eagerness to work alongside other nations to confront cybersecurity threats. Notably, this statement comes amid allegations of China’s involvement in significant cyberattacks. “To ensure cybersecurity, we must enhance international cooperation,” he stated, adding that China is prepared to expand partnerships with other countries and relevant international organizations on the principles of equality and mutual benefit. He further noted that China itself has been a victim of cybersecurity breaches, with over 80% of incidents affecting Chinese interests.

China Expresses Commitment to International Cybersecurity Cooperation On November 5th, 2013, a significant gathering took place at Stanford University, where cybersecurity experts and leaders from over 40 nations convened to address the pressing challenges of cyberspace security and the necessity for enhanced international collaboration. The discussions highlighted the intrinsic borderless…

Read More

China Asserts Commitment to International Collaboration in Addressing Cybersecurity Challenges

On November 6, 2013, at Stanford University, cybersecurity experts and leaders from over 40 nations convened to discuss the pressing issues of cyberspace security and international collaboration. The increasingly borderless nature of the internet highlights the urgent need for cooperative efforts in cybersecurity. Cai Mingzhao, Minister of the State Council Information Office of China, expressed the country’s eagerness to work alongside other nations to confront cybersecurity threats. Notably, this statement comes amid allegations of China’s involvement in significant cyberattacks. “To ensure cybersecurity, we must enhance international cooperation,” he stated, adding that China is prepared to expand partnerships with other countries and relevant international organizations on the principles of equality and mutual benefit. He further noted that China itself has been a victim of cybersecurity breaches, with over 80% of incidents affecting Chinese interests.

Iranian Hackers Disrupt Operations at Key U.S. Infrastructure Sites

Iranian Hackers Targeting US Critical Infrastructure Amid Ongoing Tensions Recent reports indicate that hackers tied to the Iranian government are actively disrupting operations at various critical infrastructure sites across the United States. This disruption appears to be a reaction to the heightened geopolitical conflict between Iran and the U.S., as…

Read MoreIranian Hackers Disrupt Operations at Key U.S. Infrastructure Sites

Senator Wyden Calls for FTC Investigation into Microsoft Over Ransomware-Related Cybersecurity Failures

U.S. Senator Ron Wyden is urging the Federal Trade Commission (FTC) to investigate Microsoft for what he describes as “gross cybersecurity negligence” that has facilitated ransomware attacks on critical U.S. infrastructure, particularly targeting healthcare networks. In a detailed four-page letter to FTC Chairman Andrew Ferguson, Wyden warned that Microsoft’s lax cybersecurity practices, combined with its near-monopoly in the enterprise operating system market, create a significant national security risk, making further attacks likely. He likened Microsoft’s behavior to that of “an arsonist selling firefighting services to their victims.” This request follows new revelations from the healthcare provider Ascension, which experienced a devastating ransomware attack last year, compromising personal and medical data of nearly 5.6 million individuals.

Senator Wyden Calls for FTC Investigation into Microsoft Over Cybersecurity Negligence Linked to Ransomware Attacks September 11, 2025 U.S. Senator Ron Wyden has formally requested the Federal Trade Commission (FTC) to investigate Microsoft, alleging severe cybersecurity negligence that has facilitated ransomware assaults on critical U.S. infrastructure, notably in the healthcare…

Read More

Senator Wyden Calls for FTC Investigation into Microsoft Over Ransomware-Related Cybersecurity Failures

U.S. Senator Ron Wyden is urging the Federal Trade Commission (FTC) to investigate Microsoft for what he describes as “gross cybersecurity negligence” that has facilitated ransomware attacks on critical U.S. infrastructure, particularly targeting healthcare networks. In a detailed four-page letter to FTC Chairman Andrew Ferguson, Wyden warned that Microsoft’s lax cybersecurity practices, combined with its near-monopoly in the enterprise operating system market, create a significant national security risk, making further attacks likely. He likened Microsoft’s behavior to that of “an arsonist selling firefighting services to their victims.” This request follows new revelations from the healthcare provider Ascension, which experienced a devastating ransomware attack last year, compromising personal and medical data of nearly 5.6 million individuals.

Anthropic Collaborates with Competitors to Prevent AI from Compromising Security

In late March, leaked reports revealed that Anthropic has developed a new AI model named Mythos, which they formally announced on Tuesday. Alongside this announcement, the company introduced an industry consortium called Project Glasswing, aimed at addressing the cybersecurity implications associated with this advanced model and the evolving capabilities across…

Read MoreAnthropic Collaborates with Competitors to Prevent AI from Compromising Security

Groups Oppose HHS’s Proposed Rollbacks on Health IT

Healthcare, Industry Specific, Standards, Regulations & Compliance Healthcare Groups Warn of Risks from HHS’ Proposed IT Certification Changes Marianne Kolbasuk McGee ( HealthInfoSec) • March 3, 2026 Proposed reductions in health IT certification requirements by HHS are facing resistance from industry groups concerned about privacy and security implications. (Image: Getty…

Read MoreGroups Oppose HHS’s Proposed Rollbacks on Health IT

🔍 Weekly Overview: Fortinet Vulnerability, Chrome Zero-Day, BadIIS Malware, Record DDoS Attack, SaaS Security Incident & More

Cybersecurity Weekly Update: New Vulnerabilities and Persistent Threats This week, the cybersecurity landscape revealed alarming developments as multiple organizations fell victim to sophisticated attacks, highlighting the evolving tactics employed by cybercriminals. Notably, Fortinet disclosed a serious vulnerability affecting its FortiWeb application firewall, categorized as CVE-2025-58034. This flaw, assigned a medium…

Read More🔍 Weekly Overview: Fortinet Vulnerability, Chrome Zero-Day, BadIIS Malware, Record DDoS Attack, SaaS Security Incident & More