Salesforce Customers Targeted by Data-Theft Extortion Campaign
Hackers exploited OAuth tokens in third-party Salesforce integrations, stealing CRM data and extorting affected customers. Salesforce urges clients to rotate credentials.
Category: Data Breaches
Read More
Huawei Data Breach Exposes Partner and Employee Information
Huawei confirmed a data breach stemming from a compromised vendor system, exposing partner and employee records. Security experts warn of new supply-chain risks.
Cisco Firewalls at Risk as Red Hat Reports GitLab Security Incident
Despite Cisco’s warnings, many ASA/FTD firewalls remain vulnerable. Simultaneously, threat actors claim they breached Red Hat’s GitLab instance. This article merges both crisis points and guides the fixes.
South Korea’s Cybersecurity Under Fire After Another Major Breach
South Korea’s cybersecurity faces unprecedented strain after months of continuous data breaches across public and private sectors, revealing deep governance and policy flaws.
CometJacking Turns Browser Sessions into Covert Proxy Channels
CometJacking abuses browser WebSockets to hijack user connections, turning them into proxy nodes with a single click. The exploit marks a new wave of malware-less attacks that rely on web technologies rather than traditional payloads.
Discord Support Partner Compromised, Users’ Details Exposed
A third-party customer support vendor connected to Discord suffered a data breach that exposed personal information. Attackers accessed the vendor’s ticketing system and obtained names, email addresses, usernames, and in some cases scanned government-issued IDs. Crucially, Discord confirmed that its internal infrastructure remained unaffected. Nevertheless, the event underscores the risks created when organizations depend on…
How Detour Dog Exploits DNS TXT for Advanced Malware Delivery
Detour Dog has transitioned into DNS-powered malware operations. Its latest campaign distributes Strela Stealer through TXT-encoded commands and modular backdoors. This evolution marks a new wave of protocol abuse challenging traditional network defense.
Hackers Breach Intelliloan, Expose SSNs and Driver’s Licenses
Intelliloan has notified customers of a March 2025 hack that exposed sensitive PII such as Social Security numbers, driver’s licenses, and financial data across its systems.
Red Hat, GitHub Cyberattack Exposes Customer Information
Hackers breached Red Hat and GitHub in coordinated attacks and stole customer data, underscoring risks even in widely trusted development platforms.
New MatrixPDF Attack Weaponizes PDFs for Phishing Campaigns
Researchers have uncovered a new cybercriminal toolkit called MatrixPDF, designed to transform normal PDF files into weapons for phishing and malware delivery. This toolkit lowers the barrier for attackers. In fact, it provides ready made templates that let even inexperienced hackers craft PDF lures capable of bypassing security filters. As a result, phishing campaigns become…