data theft

Salesloft Drift data breach: Investigation reveals how attackers got in

Salesloft Drift data breach: Investigation reveals how attackers got in 2025-09-08 at 14:33 By Zeljka Zorz The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise On August 26, the company publicly revealed that earlier that month, a threat […]

React to this headline:

Loading spinner

Salesloft Drift data breach: Investigation reveals how attackers got in Read More »

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation

React to this headline:

Loading spinner

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius 2025-08-27 at 17:47 By Zeljka Zorz A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395

React to this headline:

Loading spinner

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius Read More »

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices 2025-08-18 at 16:12 By Zeljka Zorz Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly sent by a law firm, are tailored to

React to this headline:

Loading spinner

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices Read More »

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

Trojanized SonicWall NetExtender app exfiltrates VPN credentials 2025-06-24 at 15:00 By Zeljka Zorz Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). The trojanized SonicWall NetExtender installer SonicWall NetExtender is an SSL‑VPN client used by companies to give remote

React to this headline:

Loading spinner

Trojanized SonicWall NetExtender app exfiltrates VPN credentials Read More »

Researchers unearth keyloggers on Outlook login pages

Researchers unearth keyloggers on Outlook login pages 2025-06-17 at 18:37 By Zeljka Zorz Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of government organizations and companies around the world, and have injected the organizations’ Outlook on the Web (OWA) login page with browser-based keyloggers, Positive Technologies researchers have warned. The keylogging JavaScript code (Source:

React to this headline:

Loading spinner

Researchers unearth keyloggers on Outlook login pages Read More »

Attackers fake IT support calls to steal Salesforce data

Attackers fake IT support calls to steal Salesforce data 2025-06-04 at 17:47 By Zeljka Zorz Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters

React to this headline:

Loading spinner

Attackers fake IT support calls to steal Salesforce data Read More »

Lumma Stealer Malware-as-a-Service operation disrupted

Lumma Stealer Malware-as-a-Service operation disrupted 2025-05-21 at 21:21 By Zeljka Zorz A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering beloved by a wide

React to this headline:

Loading spinner

Lumma Stealer Malware-as-a-Service operation disrupted Read More »

Hertz data breach: Customers in US, EU, UK, Australia and Canada affected

Hertz data breach: Customers in US, EU, UK, Australia and Canada affected 2025-04-15 at 17:21 By Zeljka Zorz American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in information of an unknown number of customers of Hertz and

React to this headline:

Loading spinner

Hertz data breach: Customers in US, EU, UK, Australia and Canada affected Read More »

North Korean IT workers set their sights on European organizations

North Korean IT workers set their sights on European organizations 2025-04-02 at 13:05 By Zeljka Zorz North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in Europe. According to Google’s threat researchers, they are also increasingly attempting to

React to this headline:

Loading spinner

North Korean IT workers set their sights on European organizations Read More »

Stealthy StilachiRAT steals data, may enable lateral movement

Stealthy StilachiRAT steals data, may enable lateral movement 2025-03-18 at 15:48 By Zeljka Zorz While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” Microsoft threat analysts have warned on

React to this headline:

Loading spinner

Stealthy StilachiRAT steals data, may enable lateral movement Read More »

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) 2025-02-05 at 18:49 By Zeljka Zorz XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security

React to this headline:

Loading spinner

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) Read More »

Casio UK site compromised, equipped with web skimmer

Casio UK site compromised, equipped with web skimmer 2025-02-04 at 13:20 By Zeljka Zorz Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least seventeen (and possibly

React to this headline:

Loading spinner

Casio UK site compromised, equipped with web skimmer Read More »

DeepSeek’s popularity exploited to push malicious packages via PyPI

DeepSeek’s popularity exploited to push malicious packages via PyPI 2025-02-03 at 15:33 By Zeljka Zorz Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started

React to this headline:

Loading spinner

DeepSeek’s popularity exploited to push malicious packages via PyPI Read More »

North Korean IT workers are extorting employers, FBI warns

North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In

React to this headline:

Loading spinner

North Korean IT workers are extorting employers, FBI warns Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

React to this headline:

Loading spinner

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »

8Base hacked port operating company Luka Rijeka

8Base hacked port operating company Luka Rijeka 2024-12-09 at 14:48 By Zeljka Zorz Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group. The group claimed the attack on their dark web data leak site and professed that they’ve

React to this headline:

Loading spinner

8Base hacked port operating company Luka Rijeka Read More »

Android 15 unveils new security features to protect sensitive data

Android 15 unveils new security features to protect sensitive data 2024-10-16 at 13:20 By Help Net Security Android 15 brings enhanced security features to protect your sensitive health, financial, and personal data from theft and fraud. It also introduces productivity improvements for large-screen devices and updates to apps like the camera, messaging, and passkeys. Android

React to this headline:

Loading spinner

Android 15 unveils new security features to protect sensitive data Read More »

Microchip Technology confirms theft of employee data

Microchip Technology confirms theft of employee data 2024-09-05 at 12:31 By Zeljka Zorz US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The breach was claimed later that month by the Play ransomware

React to this headline:

Loading spinner

Microchip Technology confirms theft of employee data Read More »

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers

React to this headline:

Loading spinner

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom Read More »

Scroll to Top