Klue breach lead to Salesforce data theft, Huntress affected 2026-06-19 at 15:57 By Zeljka Zorz Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools. Huntress published a detailed account of the incident on June 18, […]
Klue breach lead to Salesforce data theft, Huntress affected Read More »
Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert 2026-06-11 at 15:41 By Zeljka Zorz A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-of-band security alert
Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert Read More »
Attackers accessed, downloaded code from Grafana Labs’ GitHub 2026-05-18 at 12:57 By Zeljka Zorz A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday. The breach is significant given Grafana Labs’ widespread use across enterprise engineering and DevOps teams
Attackers accessed, downloaded code from Grafana Labs’ GitHub Read More »
Software supply chain hacks trigger wave of intrusions, data theft 2026-04-02 at 18:58 By Zeljka Zorz After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply
Software supply chain hacks trigger wave of intrusions, data theft Read More »
Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months 2026-03-24 at 19:53 By Sinisa Markovic A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested
Extortion Group Claims It Hacked AstraZeneca 2026-03-24 at 19:53 By Ionut Arghire The Lapsus$ hackers allegedly compromised internal code repositories, credentials, and employee data. The post Extortion Group Claims It Hacked AstraZeneca appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Extortion Group Claims It Hacked AstraZeneca Read More »
Terminated contract led to $2.5 million cyber extortion scheme 2026-03-20 at 19:32 By Sinisa Markovic A federal jury convicted Cameron Curry, 27, a Charlotte resident, of carrying out an extensive cyber extortion scheme targeting a Washington, D.C.-based international technology company. He faces up to two years in prison on each of the six charges. Curry,
Terminated contract led to $2.5 million cyber extortion scheme Read More »
Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign 2026-03-10 at 15:06 By Eduard Kovacs Salesforce has confirmed that customers are being targeted via poorly secured instances. The post Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign Read More »
ShinyHunters flip the script on MFA in new data theft attacks 2026-02-02 at 18:50 By Zeljka Zorz Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in
ShinyHunters flip the script on MFA in new data theft attacks Read More »
RansomHub claims alleged breach of Apple partner Luxshare 2026-01-21 at 14:34 By Zeljka Zorz Chinese electronic manufacturer and Apple partner Luxshare Precision Industry has allegedly been breached by affiliates of the RansomHub ransomware-as-a-service outfit. Luxshare is one of the primary assemblers of Apple’s wireless earbuds, iPhones, and Vision Pro devices, as well as a producer
RansomHub claims alleged breach of Apple partner Luxshare Read More »
Data Stolen in Eurofiber France Hack 2025-11-18 at 14:32 By Ionut Arghire A threat actor exploited a vulnerability, exfiltrated data, and attempted to extort Eurofiber. The post Data Stolen in Eurofiber France Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Data Stolen in Eurofiber France Hack Read More »
Retailers are learning to say no to ransom demands 2025-11-06 at 07:45 By Anamarija Pogorelec Ransomware remains one of the biggest operational risks for retailers, but the latest data shows a shift in how these attacks unfold. Fewer incidents now lead to data encryption, recovery costs have dropped, and businesses are bouncing back faster. Yet
Retailers are learning to say no to ransom demands Read More »
Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according
Ransomware, extortion groups adapt as payment rates reach historic lows Read More »
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) 2025-10-07 at 15:36 By Zeljka Zorz Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown,
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) Read More »
Hackers launch data leak site to extort 39 victims, or Salesforce 2025-10-06 at 17:44 By Zeljka Zorz Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak
Hackers launch data leak site to extort 39 victims, or Salesforce Read More »
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882) 2025-10-06 at 15:28 By Zeljka Zorz The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), “to steal large amounts of data from several victim[s] in August 2025,” Charles Carmakal, CTO at Mandiant – Google Cloud, stated
Hackers Extorting Salesforce After Stealing Data From Dozens of Customers 2025-10-06 at 15:28 By Ionut Arghire Salesforce says the extortion attempts are related to past or unsubstantiated incidents, and not to fresh intrusions. The post Hackers Extorting Salesforce After Stealing Data From Dozens of Customers appeared first on SecurityWeek. This article is an excerpt from
Hackers Extorting Salesforce After Stealing Data From Dozens of Customers Read More »
Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks 2025-10-03 at 13:13 By Eduard Kovacs The software giant’s investigation showed that vulnerabilities patched in July 2025 may be involved. The post Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks Read More »
Oracle customers targeted with emails claiming E-Business Suite breach, data theft 2025-10-02 at 16:19 By Zeljka Zorz Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated sensitive data from the firms’ Oracle E-Business Suite (EBS). The email campaign According
Oracle customers targeted with emails claiming E-Business Suite breach, data theft Read More »
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »