In a troubling development, the ShinyHunters extortion group has claimed responsibility for a series of voice phishing attacks, specifically targeting single sign-on (SSO) accounts associated with major platforms such as Okta, Microsoft, and Google. These attacks allow cybercriminals to infiltrate corporate Software as a Service (SaaS) platforms and exfiltrate sensitive…
A sophisticated phishing campaign targeting Facebook users has been detected, exploiting a critical zero-day vulnerability within Salesforce’s email services. This exploit enables malicious actors to craft highly tailored phishing messages utilizing Salesforce’s domain and infrastructure, significantly increasing the chances of success. Researchers at Guardio Labs, Oleg Zaytsev and Nati Tal,…
In recent months, a series of sophisticated cyberattacks leveraging artificial intelligence (AI) have raised alarms in the technology sector. One particularly concerning incident involved a prompt injection attack against GitLab’s Duo chatbot, wherein malicious code was embedded within a legitimate code package. This exploit not only blurred the lines between…
This year has been marked by notable incidents in cyberspace, coinciding with major geopolitical shifts driven by U.S. President Donald Trump and his administration. Amidst these developments, a persistent wave of cyber threats has emerged—data breaches, ransomware, digital extortion, and state-sponsored attacks have increasingly become part of the routine landscape…
On December 25, coinciding with global Christmas celebrations, the Everest ransomware group released a statement on its dark web leak site alleging a breach of Chrysler systems, a prominent American automobile manufacturer. The group claims to have extracted a staggering 1,088 GB (over 1 TB) of data, which they characterize…
In a significant cybersecurity breach, the adult video platform PornHub has fallen victim to extortion attempts from the ShinyHunters hacking group. This follows the reported theft of search and viewing history concerning PornHub’s Premium members, which stemmed from a recent compromise of analytics provider Mixpanel. Last week, PornHub issued a…
VMware Urges Immediate Action Over Critical EAP Vulnerabilities VMware has issued an urgent advisory urging users to remove the deprecated Enhanced Authentication Plugin (EAP) due to the emergence of a severe security vulnerability. Classified as CVE-2024-22245, this flaw has been assigned a CVSS score of 9.6 and has been identified…
Revealed: Typosquatted Domains Associated with Suspected Ransomware Attacks Akshaya Asokan (asokan_akshaya) • November 28, 2025 Image: Shutterstock Cybersecurity experts have identified over 40 typosquatted domains that imitate legitimate Zendesk URLs. This discovery has been linked to the hacking group known as Scattered Lapsus$ Hunters. According to a report from ReliaQuest,…
Gainsight is recognized as a provider of customer support platforms. Summary of Events Google has recently reported a significant supply chain breach that has compromised data stored by Salesforce across more than 200 businesses. The incident was initially revealed by Salesforce on Thursday, noting that “specific customers’ Salesforce data” was…
