FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs)…
Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety
î ‚Sep 10, 2025î „Ravie LakshmananSpyware / Vulnerability Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement…
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
î ‚Aug 30, 2025î „Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability in its messaging apps for Apple…
Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
î ‚Aug 27, 2025î „Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach…
Key Capabilities Security Leaders Need to Know
î ‚Aug 13, 2025î „The Hacker NewsArtificial Intelligence / Threat Hunting Security operations have never been a 9-to-5 job. For…
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
î ‚Aug 10, 2025î „Ravie LakshmananVulnerability / Network Security A novel attack technique could be weaponized to rope thousands of…
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems
Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large…
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims
Cybersecurity researchers are drawing attention to a new campaign that’s using legitimate generative artificial intelligence (AI)-powered website building…
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details…
EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware
î ‚Jul 20, 2025î „Ravie LakshmananAI Security / Infostealers The financially motivated threat actor known as EncryptHub (aka LARVA-208 and…
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
î ‚Jul 20, 2025î „Ravie LakshmananZero-Day / Vulnerability A critical security vulnerability in Microsoft SharePoint Server has been weaponized as…