The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories. The post SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance appeared first on SecurityWeek. This article has been indexed…
Salesforce Gainsight compromise: Early findings and customer guidance
In the wake of Salesforce’s announcement about “unusual activity involving Gainsight-published applications” and the company’s revocation of access and refresh tokens associated with them, Gainsight has been doing a good job keeping customers updated on current investigation findings. On the…
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. “While earlier operations relied on broad strategic web…
Why IT Admins Choose Samsung for Mobile Security
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams…
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads. The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
This Hacker Conference Installed a Literal Anti-Virus Monitoring System
At New Zealand’s Kawaiican cybersecurity convention, organizers hacked together a way for attendees to track CO2 levels throughout the venue—even before they arrived. This article has been indexed from Security Latest Read the original article: This Hacker Conference Installed a…
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek. This…
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized…
Runlayer Emerges From Stealth Mode With $11 Million in Funding
The company has operated in stealth mode for four months and has signed dozens of customers, including eight unicorns. The post Runlayer Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2025-11-21 12h : 5 posts
5 posts were published in the last hour 10:31 : ToddyCat: your hidden email assistant. Part 1 10:31 : New Gainsight Supply Chain Hack Could Affect Salesforce Customers 10:6 : Use of CSS stuffing as an obfuscation technique?, (Fri, Nov…
ToddyCat: your hidden email assistant. Part 1
Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook. This article has been indexed from Securelist Read the original…
New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Salesforce believes there has been unauthorized access to its customers’ data through the Gainsight app’s connection to its platform This article has been indexed from www.infosecurity-magazine.com Read the original article: New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
From time to time, it can be instructive to look at generic phishing messages that are delivered to one's inbox or that are caught by basic spam filters. Although one usually doesn't find much of interest, sometimes these little excursions…
Windows 11 to Hide BSOD Crash Errors on Public Displays
Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue Screen of Death (BSOD) and other disruptive error dialogs are hidden from view on non-interactive…
Salesforce Instances Hacked via Gainsight Integrations
The infamous ShinyHunters hackers have targeted customer-managed Gainsight-published applications to steal data from Salesforce instances. The post Salesforce Instances Hacked via Gainsight Integrations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Salesforce Instances…
ZTE Launches ZXCSec MAF security solution for large model
A multi-layered security framework protecting large-model applications from adversarial threats, data leakage, API abuse, and content risks Partner Content At MWC Shanghai 2025, ZTE has officially launched its ZXCSec MAF product, a dedicated application-layer security protection device specifically designed for…
Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware
Security researchers at the AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated cyberattack campaign targeting Microsoft Windows Server Update Services (WSUS) infrastructure. The attackers are exploiting a critical remote code execution vulnerability tracked as CVE-2025-59287 to deploy ShadowPad, a notorious backdoor…
Clop Ransomware Claims Oracle Breach Using E-Business Suite 0-Day
The notorious Clop ransomware gang, also known as Graceful Spider, has listed Oracle Corporation on its dark web leak site, claiming to have successfully breached the technology giant’s internal systems. This alarming development represents a significant escalation in the group’s…
Salesforce Confirms Customer Data Was Exposed in Gainsight Breach
Salesforce has identified unusual activity involving applications published by Gainsight that are connected to the Salesforce platform. The company’s investigation revealed that this suspicious activity resulted in unauthorized access to specific customer data stored in Salesforce environments. Upon discovery, Salesforce…
Operation DreamJob Attacks on Manufacturing via WhatsApp Web
Operation DreamJob, a longstanding North Korean cyberespionage campaign, has once again demonstrated its lethal effectiveness by targeting manufacturing organizations through deceptive job-related messages delivered via WhatsApp Web. In August 2025, Orange Cyberdefense’s CyberSOC and CSIRT investigated an intrusion targeting an…
Critical Grafana Flaw Lets Attackers Escalate Privileges
Grafana Labs has released critical security patches addressing a severe vulnerability in its SCIM provisioning feature that could allow attackers to escalate privileges or impersonate users. The flaw, tracked as CVE-2025-41115 with a CVSS score of 10.0 (Critical), affects Grafana…
New Onapsis platform updates enhance visibility and protection across SAP landscapes
Onapsis introduced a series of new updates to its Onapsis Control product line, advancing security capabilities across SAP and cloud ERP application development environments. These enhancements include integration with SAP Continuous Integration and Delivery (CI/CD), expanded Git repository support to…
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a…
Sturnus captures encrypted chats, PowerSchool schools blamed, SEC security bill
Sturnus Android Trojan captures encrypted chats and hijacks devices Canadian regulators say schools share blame for PowerSchool hack Bill reintroduced to bolster cybersecurity at Securities and Exchange Commission Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn’t catching…