Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data via Salesloft Drift. This article has been indexed from Security | TechRepublic Read the original article: Google Identifies ‘Widespread Data Theft’ Impacting Salesforce-Salesloft…
New York Attorney General Sues Zelle Parent Over Fraud Failures, Raising Stakes for Real-Time Payment Security
New York AG Letitia James has sued Zelle’s parent, Early Warning Services, over billions lost to fraud, spotlighting the urgent need for stronger safeguards, consumer protections, and risk quantification in real-time payments. The post New York Attorney General Sues Zelle…
UK and US Blame Three Chinese Tech Firms for Global Cyberattacks
A coalition of international cybersecurity agencies led by the UK’s National Cyber Security Centre (NCSC) has publicly linked… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: UK and…
FreePBX Servers Hit by 0-Day Exploit, Disable Internet Access Advised
FreePBX administrators worldwide have been urged to immediately disable public internet access to their systems after a critical 0-day vulnerability was discovered in the commercial Endpoint Manager module. The Sangoma FreePBX Security Team confirmed that attacker-controlled exploit code can gain…
ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations
Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has been actively breaching government institutions in Central Asia and the Asia-Pacific area. The group’s operations,…
Lazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job Offers
The notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11 and macOS systems in a sophisticated progression of social engineering attacks. Known for high-profile incidents…
How Healthy Is Your Data in the Age of AI? An In-Depth Checklist to Assess Data Accuracy, Governance, and AI Readiness
Editor’s Note: The following is an article written for and published in DZone’s 2025 Trend Report, Data Engineering: Scaling Intelligence With the Modern Data Stack. Data has evolved from a byproduct of business processes to a vital asset for innovation and…
Cyber Attacks Surge Against Education Sector Ahead of Back-to-School Season
As millions of students return to classrooms and campuses, schools are facing another challenge: a sharp rise in cyber attacks. According to Check Point Research, from January through July 2025, the education sector continued its streak as the most targeted…
7 ways to use Copilot in classic Outlook – and why I disabled it
Copilot can write your emails, summarize them, and respond. Or you can just turn it off, like I did. This article has been indexed from Latest news Read the original article: 7 ways to use Copilot in classic Outlook –…
9 iPhone 17 Air rumors I’m tracking – and why Apple’s ultra-thin model is set to kill the Plus
Here is every credible rumor about the upcoming iPhone 17 Air, including its design, cameras, specs, and more. This article has been indexed from Latest news Read the original article: 9 iPhone 17 Air rumors I’m tracking – and why…
AppSuite PDF Editor Backdoor: A Detailed Technical Analysis
Some threat actors are bold enough to submit their own malware as false positive to antivirus companies and demand removal of the detection. This is exactly what happened with AppSuite PDF Editor. Initially, automation flagged it as a potentially unwanted…
TransUnion discloses a data breach impacting over 4.4 million customers
TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The company is one of the three major credit reporting agencies in…
New Research Highlights Emulating Tactics of Scattered Spider in Realistic Scenarios
New findings from Lares Labs underscore the importance of realistic threat emulation exercises that mirror the sophisticated tactics of the Scattered Spider APT group. By integrating real-world incident data into controlled simulations, organizations can proactively assess defenses across networks, endpoints,…
New TamperedChef Attack With Weaponized PDF Editor Steals Sensitive Data and Login Credentials
A sophisticated malware campaign that weaponizes a seemingly legitimate PDF editor to steal sensitive data and login credentials from unsuspecting users across Europe. The attack uncovered by Truesec, dubbed “TamperedChef,” represents a new evolution in social engineering tactics that leverage…
FreePBX Servers Hacked in 0-Day Attack – Admins are Urged to Disable Internet Access
A critical zero-day exploit targeting exposed FreePBX 16 and 17 systems. Threat actors are abusing an unauthenticated privilege escalation vulnerability in the commercial Endpoint Manager module, allowing remote code execution (RCE) when the Administrator Control Panel is reachable from the…
You Can’t Protect What You Can’t See
A business ecosystem is a borderless entity. Where organizations operate across vast, global networks, achieving a comprehensive view of their digital operations is a major challenge. Security leads, faced with… The post You Can’t Protect What You Can’t See appeared…
Thousands of Citrix NetScaler boxes still sitting ducks despite patches
Shadowserver counts more than 13,000 appliances still wide open – including thousands in US, Germany, and UK Thousands of Citrix NetScaler appliances remain exposed to a trio of security flaws that the vendor patched this week, one of which is…
TransUnion admits 4.5M affected after third-party support app breached
Credit agency offers own services as compensation Credit scoring and monitoring biz TransUnion says that it recently suffered a breach affecting nearly 4.5 million individuals.… This article has been indexed from The Register – Security Read the original article: TransUnion…
IT Security News Hourly Summary 2025-08-28 15h : 15 posts
15 posts were published in the last hour 13:4 : Orange Belgium Hit by Cyberattack Affecting 850,000 Customers 13:4 : Hackers Disclose Why They Targeted North Korean Government Hackers 13:4 : Malicious VS Code Extensions Exploit Name Reuse Loophole 12:44…
China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years
China-linked APT ‘Salt Typhoon’ exploited known router flaws to maintain persistent access across telecom, government, and military networks, giving Beijing’s intelligence services global surveillance reach. The post China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years appeared first on SecurityWeek.…
Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec
Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your…
Netherlands Confirms China’s Salt Typhoon Targeted Small Dutch Telcos
Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Netherlands Confirms China’s Salt Typhoon Targeted Small Dutch Telcos
Ransomware crooks knock Swedish municipalities offline for measly sum of $168K
Miljödata meltdown leaves 200 local authorities scrambling over 1.5 BTC Sweden’s municipal governments have been knocked offline after ransomware crooks hit IT supplier Miljödata, reportedly demanding the bargain-basement sum of $168,000.… This article has been indexed from The Register –…
Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
Palo Alto, California, 28th August 2025, CyberNewsWire The post Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33 appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: Breaking…
Orange Belgium Hit by Cyberattack Affecting 850,000 Customers
Orange Belgium, a major telecommunications provider and subsidiary of French telecom giant Orange Group, confirmed in August 2025 a significant cyberattack on its IT systems that resulted in unauthorized access to the personal data of approximately 850,000 customers. The…
Hackers Disclose Why They Targeted North Korean Government Hackers
In a stunning development in the history of cybersecurity, independent hackers managed to successfully break into the system of a North Korean government hacker, enabling them to expose the inner workings of one of the country’s most secretive cyber…
Malicious VS Code Extensions Exploit Name Reuse Loophole
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious VS Code Extensions Exploit Name Reuse Loophole