Salesforce AI Hack Enabled CRM Data Theft 2025-09-25 at 21:26 By Eduard Kovacs Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak. The post Salesforce AI Hack Enabled CRM Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React […]
React to this headline:
Salesforce AI Hack Enabled CRM Data Theft Read More »
ChatGPT Targeted in Server-Side Data Theft Attack 2025-09-18 at 18:49 By Eduard Kovacs OpenAI has fixed this zero-click attack method called by researchers ShadowLeak. The post ChatGPT Targeted in Server-Side Data Theft Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:
React to this headline:
ChatGPT Targeted in Server-Side Data Theft Attack Read More »
Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers 2025-09-09 at 09:46 By Zeljka Zorz Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations for
React to this headline:
Salesloft Drift data breach: Investigation reveals how attackers got in 2025-09-08 at 14:33 By Zeljka Zorz The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise On August 26, the company publicly revealed that earlier that month, a threat
React to this headline:
Salesloft Drift data breach: Investigation reveals how attackers got in Read More »
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation
React to this headline:
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »
Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius 2025-08-27 at 17:47 By Zeljka Zorz A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395
React to this headline:
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices 2025-08-18 at 16:12 By Zeljka Zorz Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ostensibly sent by a law firm, are tailored to
React to this headline:
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices Read More »
Trojanized SonicWall NetExtender app exfiltrates VPN credentials 2025-06-24 at 15:00 By Zeljka Zorz Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). The trojanized SonicWall NetExtender installer SonicWall NetExtender is an SSL‑VPN client used by companies to give remote
React to this headline:
Trojanized SonicWall NetExtender app exfiltrates VPN credentials Read More »
Researchers unearth keyloggers on Outlook login pages 2025-06-17 at 18:37 By Zeljka Zorz Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of government organizations and companies around the world, and have injected the organizations’ Outlook on the Web (OWA) login page with browser-based keyloggers, Positive Technologies researchers have warned. The keylogging JavaScript code (Source:
React to this headline:
Researchers unearth keyloggers on Outlook login pages Read More »
Attackers fake IT support calls to steal Salesforce data 2025-06-04 at 17:47 By Zeljka Zorz Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters
React to this headline:
Attackers fake IT support calls to steal Salesforce data Read More »
Lumma Stealer Malware-as-a-Service operation disrupted 2025-05-21 at 21:21 By Zeljka Zorz A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering beloved by a wide
React to this headline:
Lumma Stealer Malware-as-a-Service operation disrupted Read More »
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected 2025-04-15 at 17:21 By Zeljka Zorz American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in information of an unknown number of customers of Hertz and
React to this headline:
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected Read More »
North Korean IT workers set their sights on European organizations 2025-04-02 at 13:05 By Zeljka Zorz North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in Europe. According to Google’s threat researchers, they are also increasingly attempting to
React to this headline:
North Korean IT workers set their sights on European organizations Read More »
Stealthy StilachiRAT steals data, may enable lateral movement 2025-03-18 at 15:48 By Zeljka Zorz While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data,” Microsoft threat analysts have warned on
React to this headline:
Stealthy StilachiRAT steals data, may enable lateral movement Read More »
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) 2025-02-05 at 18:49 By Zeljka Zorz XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security
React to this headline:
Casio UK site compromised, equipped with web skimmer 2025-02-04 at 13:20 By Zeljka Zorz Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least seventeen (and possibly
React to this headline:
Casio UK site compromised, equipped with web skimmer Read More »
DeepSeek’s popularity exploited to push malicious packages via PyPI 2025-02-03 at 15:33 By Zeljka Zorz Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started
React to this headline:
DeepSeek’s popularity exploited to push malicious packages via PyPI Read More »
North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In
React to this headline:
North Korean IT workers are extorting employers, FBI warns Read More »
MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has
React to this headline:
MUT-1244 targeting security researchers, red teamers, and threat actors Read More »
8Base hacked port operating company Luka Rijeka 2024-12-09 at 14:48 By Zeljka Zorz Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group. The group claimed the attack on their dark web data leak site and professed that they’ve
React to this headline:
8Base hacked port operating company Luka Rijeka Read More »