Amazon Web Services Targeted in Phishing Campaigns by Threat Group TGR-UNK-0011 Recent investigations by Palo Alto Networks’ Unit 42 have unveiled alarming activities targeting Amazon Web Services (AWS). The threat group known as TGR-UNK-0011, which has been active since 2019, is leveraging misconfigurations within AWS environments to execute sophisticated phishing…
The group known as Silk Typhoon—previously referred to as Hafnium—has shifted its focus from exploiting vulnerabilities in Microsoft Exchange servers to targeting the information technology (IT) supply chain. This change in strategy aims to gain initial access to corporate networks, according to the Microsoft Threat Intelligence team’s recent report. Silk…
Recent reports have illuminated the continued digital aggression from the Russian state-sponsored hacking group, Gamaredon, which is employing Telegram as a tool to target military and law enforcement sectors in Ukraine. This tactic signifies a notable evolution in the methods used by the actors, who have a history of cyber…
Identity & Access Management, Security Operations Salesloft Reports GitHub Repository Compromised by Cyber Attackers Greg Sirico • September 8, 2025 Image: Shutterstock Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…
In an era where cyber threats are not merely evolving but rapidly mutating, the cybersecurity landscape continues to challenge defenses across various sectors, from global financial frameworks to vital infrastructure. With the advent of sophisticated cybercrime, ranging from state-sponsored espionage to ransomware attacks leveraging artificial intelligence, pressing questions arise about…
Recent data breaches have raised concerns about security within popular applications, particularly the use of the Salesloft Drift application to compromise Salesforce data. In an important update, Salesloft has reported that the security incident has been addressed, with containment measures and customer protections now in effect. To investigate the breach,…
Palo Alto Networks has alerted the cybersecurity community regarding ongoing brute-force login attempts directed at PAN-OS GlobalProtect gateways. This warning follows recent observations from threat hunters who noted an increase in suspicious login scanning activity targeting the company’s devices. A spokesperson from Palo Alto Networks commented that evidence exists of…
The Biden administration has classified certain spyware used for phone hacking as highly controversial, leading to strict limitations on its use by the US government in an executive order issued in March 2024. As the Trump administration takes steps to enhance immigration enforcement, this landscape could shift dramatically, paving the…
Recent cybersecurity research has revealed a significant increase in cyber threats linked to the Russian bulletproof hosting service, Proton66. Analysts have documented a variety of malicious activities that include mass scanning, credential brute-forcing, and exploitation attempts emanating from this provider, with the uptick in activity noted since January 8, 2025.…
