Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels. The Sangoma FreePBX Security Team addressed an actively exploited FreePBX zero-day vulnerability, tracked... Read more »

Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce. All tokens should be treated as compromised. Google disclosed that the Salesloft Drift OAuth breach is... Read more »

Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure. The Dutch intelligence and security services MIVD and AIVD say Chinese cyber spies linked... Read more »

Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish municipalities, including... Read more »

TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers. The... Read more »

NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC),... Read more »

Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate... Read more »

Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances... Read more »

Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that... Read more »