Critical Risk: BADCANDY Re-Infection on Unpatched IOS XE
BADCANDY continues to compromise exposed Cisco IOS XE devices via CVE-2023-20198. Close the web UI exposure, patch now, rotate credentials, and verify eradication.
Salesforce has flagged a significant incident where applications published by Gainsight enabled unauthorized access to customer data via OAuth tokens. This article breaks down what happened, why third-party integrations are the new attack surface, and how defenders can respond immediately.
A misconfiguration in Cursor’s integration with AWS Bedrock allows non-admin users or attackers with minimal access to raise spending caps and drain cloud budgets rapidly. Here’s what happened, why it matters, and how to secure your AI-cloud environment.
A new cyberattack demonstrates how hacktivists target critical infrastructure with increasing precision. In this case, attackers believed they breached a real water treatment facility, yet the environment was a sophisticated decoy — a honeypot designed to study intrusions into industrial control systems (ICS).
Threat actors behind a coordinated network on YouTube have uploaded over 3,000 videos that masquerade as software tutorials and cheat walkthroughs, yet lead to credential-stealer malware downloads. The operation uses compromised channels, fake engagement and download links to evade detection, posing a new category of platform-based threat for security teams.
Despite Cisco and global agencies issuing urgent zero-day alerts, nearly 48,000 Cisco ASA firewalls remain vulnerable and exposed to ongoing exploit campaigns.
Researchers identified Android-based photo frames that auto-download malware at boot, then execute payloads after each restart. Consequently, attackers gain control of rooted devices with disabled SELinux and weak signing.
Federal authorities dismantled the ShinyHunters group’s Salesforce-branded extortion site, marking a major victory against cybercrime networks that traded in stolen corporate data and customer credentials.
Criminal crews deploy legitimate RMM tools inside carriers and brokers, then hijack booking and dispatch to steal real freight. This article explains how access lands, which artifacts reveal the intrusion, and what controls stop RMM-driven cargo theft without breaking logistics operations or delaying shipments.
Google has warned of “AI psychosis,” a hidden risk where prolonged chatbot interactions could distort user beliefs and behaviors. Its latest safety report calls for industry standards and oversight, highlighting risks to children, social well-being, and democratic discourse.