The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. […] Go to Source Author: Lawrence Abrams
Category Archives: Security
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. […] Go to Source Author: Sergiu Gatlan
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. […] Go to Source Author: Sergiu Gatlan
ClickFix isn’t just back—it’s mutating. New variants use fake CAPTCHAs, File Explorer tricks & MSI lures to drop MetaStealer. Stay ahead with Huntress’ Tradecraft Tuesday threat briefings. […] Go to Source Author: Sponsored by Huntress
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. […] Go to Source Author: Sergiu Gatlan
Conor Brian Fitzpatrick, the 22-year-old behind the notorious BreachForums hacking forum, was resentenced today to three years in prison after a federal appeals court overturned his prior sentence of time served and 20 years of supervised release. […] Go to Source Author: Lawrence Abrams
A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. […] Go to Source Author: Lawrence Abrams
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike’s npm namespace. […] Go to Source Author: Ax Sharma
One VMware-certified pro is a win. An entire certified team? That’s a security multiplier. VMUG Advantage makes team-wide certification practical—building collaboration, resilience, and retention. […] Go to Source Author: Sponsored by VMUG
Jaguar Land Rover (JLR) announced today that it will extend the production shutdown for another week, following a devastating cyberattack that impacted its systems at the end of August. […] Go to Source Author: Sergiu Gatlan