In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices. The…
Hidden Comet Browser API Allowed Dangerous Local Command Execution
A hidden MCP API in Comet let extensions execute local commands on user devices. The post Hidden Comet Browser API Allowed Dangerous Local Command Execution appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy’s national railway operator Ferrovie dello Stato Italiane (FS) was leaked after a data…
Scaling Cyber: meet the next cybersecurity global leaders
Agentic Threat Hunting, Predictive Threat Intelligence, Disinformation Security & Cyber Deception and more The post Scaling Cyber: meet the next cybersecurity global leaders appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
Allies Sanction Russian Network Behind Major Cyberattacks
The UK, US, and Australia sanctioned Media Land, a Russian network enabling major cyberattacks. The post Allies Sanction Russian Network Behind Major Cyberattacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges
A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw, tracked as CVE-2025-13051, affects two widely used ASUSTOR applications and poses a significant risk to…
Critical Grafana Vulnerability Let Attackers Escalate Privilege
Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users. The flaw, tracked as CVE-2025-41115, has received the maximum CVSS score of 10.0, making it one of the most severe…
Broadcom Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The Cl0p ransomware group has claimed responsibility for infiltrating Broadcom’s internal systems as part of an ongoing exploitation campaign targeting Oracle E-Business Suite vulnerabilities. The hack uses a critical zero-day vulnerability (CVE-2025-61882) rated 9.8 on the CVSS scale, allowing attackers…
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
APT24, a sophisticated cyber espionage group linked to China’s People’s Republic, has launched a relentless three-year campaign delivering BadAudio, a highly obfuscated first-stage downloader that enables persistent network access to targeted organizations. The threat actor has demonstrated remarkable adaptability by…
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance
The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories. The post SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance appeared first on SecurityWeek. This article has been indexed…
Salesforce Gainsight compromise: Early findings and customer guidance
In the wake of Salesforce’s announcement about “unusual activity involving Gainsight-published applications” and the company’s revocation of access and refresh tokens associated with them, Gainsight has been doing a good job keeping customers updated on current investigation findings. On the…
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. “While earlier operations relied on broad strategic web…
Why IT Admins Choose Samsung for Mobile Security
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams…
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads. The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
This Hacker Conference Installed a Literal Anti-Virus Monitoring System
At New Zealand’s Kawaiican cybersecurity convention, organizers hacked together a way for attendees to track CO2 levels throughout the venue—even before they arrived. This article has been indexed from Security Latest Read the original article: This Hacker Conference Installed a…
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek. This…
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized…
Runlayer Emerges From Stealth Mode With $11 Million in Funding
The company has operated in stealth mode for four months and has signed dozens of customers, including eight unicorns. The post Runlayer Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2025-11-21 12h : 5 posts
5 posts were published in the last hour 10:31 : ToddyCat: your hidden email assistant. Part 1 10:31 : New Gainsight Supply Chain Hack Could Affect Salesforce Customers 10:6 : Use of CSS stuffing as an obfuscation technique?, (Fri, Nov…
ToddyCat: your hidden email assistant. Part 1
Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook. This article has been indexed from Securelist Read the original…
New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Salesforce believes there has been unauthorized access to its customers’ data through the Gainsight app’s connection to its platform This article has been indexed from www.infosecurity-magazine.com Read the original article: New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
From time to time, it can be instructive to look at generic phishing messages that are delivered to one's inbox or that are caught by basic spam filters. Although one usually doesn't find much of interest, sometimes these little excursions…
Windows 11 to Hide BSOD Crash Errors on Public Displays
Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue Screen of Death (BSOD) and other disruptive error dialogs are hidden from view on non-interactive…
Salesforce Instances Hacked via Gainsight Integrations
The infamous ShinyHunters hackers have targeted customer-managed Gainsight-published applications to steal data from Salesforce instances. The post Salesforce Instances Hacked via Gainsight Integrations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Salesforce Instances…