Internet Security

UNC6395 targets Salesloft in Drift OAuth token theft campaign

August 28, 2025 add comment
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate... Read more »

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

August 27, 2025 add comment
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances... Read more »

Healthcare Services Group discloses 2024 data breach that impacted 624,496 people

August 27, 2025 add comment
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that... Read more »

ESET warns of PromptLock, the first AI-driven ransomware

August 27, 2025 add comment
ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts. In a series of messages published on X, ESET Research... Read more »

China linked Silk Typhoon targeted diplomats by hijacking web traffic

August 27, 2025 add comment
The China-linked APT group Silk Typhoon targeted diplomats by hijacking web traffic to redirect it to a website that delivered malware. China-linked cyberespionage group Silk Typhoon targeted diplomats by... Read more »

Farmers Insurance discloses a data breach impacting 1.1M customers

August 26, 2025 add comment
Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network. Farmers Insurance disclosed a data breach affecting 1,071,172 customers, linked... Read more »

Citrix fixed three NetScaler flaws, one of them actively exploited in the wild

August 26, 2025 add comment
Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild. Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler... Read more »

Auchan discloses data breach: data of hundreds of thousands of customers exposed

August 26, 2025 add comment
French retailer Auchan suffered a data breach impacting hundreds of thousands of customers, with personal information stolen. French retailer Auchan suffered a data breach that impacted hundreds of thousands... Read more »

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

August 26, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix Session... Read more »

Docker fixes critical Desktop flaw allowing container escapes

August 25, 2025 add comment
Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed... Read more »
Subscribe to our Newsletter