LATEST ARTICLES

GhostAction Attack Steals 3,325 Secrets from GitHub Projects

A new supply chain attack called GhostAction has compromised 817 GitHub repositories, stealing at least 3,325 secrets including npm, PyPI, and DockerHub tokens. Researchers at GitGuardian linked the incident to malicious commits designed to harvest CI/CD credentials from open-source projects. How the Attack Started: On September 2, 2025, a GitHub user operating under the handle…

September 6, 2025

Scammers Exploit Grok AI With Video Ad Scam on X

Researchers at Guardio Labs have uncovered a new scam abusing the Grok AI assistant on X (formerly Twitter) to spread malicious links through video ads. The technique, dubbed “Grokking,” tricks the AI into amplifying dangerous content while bypassing the platform’s security filters. How “Grokking” Works: The scam begins with attackers running malicious video ads on…

September 5, 2025

Chess.com Confirms Limited Data Breach via Third-Party Tool

Chess.com has disclosed a limited data breach that affected just over 4,500 users after attackers exploited a third-party file transfer tool earlier this summer. The company emphasized that no passwords or payment data were exposed, and its core platform remains secure. How the Breach Happened: According to Chess.com’s statement, the intrusion occurred when attackers gained…

September 5, 2025

Fake AnyDesk Installer Spreads MetaStealer via ClickFix Scam

Cybersecurity researchers at Huntress have uncovered a malware campaign using a fake AnyDesk installer to spread MetaStealer, relying on the well-known ClickFix social engineering technique. The attack abuses Windows search and user trust in remote access tools to bypass security defenses. How the Scam Works: The ClickFix method is a classic trick in which attackers…

September 5, 2025

New Malware Exploits Windows Character Map for Cryptomining

Darktrace has reported new malware hijacking Windows Character Map to conduct cryptomining attacks, exposing how everyday processes can be weaponized for hidden exploitation. The attack, detected in July 2025, underscores the growing sophistication of cryptojacking campaigns and the risks they pose to enterprise environments. How the Attack Worked: On July 22, 2025, Darktrace’s security team…

September 4, 2025

Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days

Google has released its September 2025 Android security update, patching 120 vulnerabilities, including two zero-day flaws already exploited in targeted attacks. The update addresses weaknesses across multiple Android components, with fixes available for devices running supported versions. The Two Zero-Days Under Attack: Google confirmed active exploitation of two privilege escalation flaws: CVE-2025-38352 — A Linux…

September 3, 2025

Cloudflare Confirms Data Breach Linked to Salesforce and Salesloft Drift

Cloudflare has confirmed a data breach affecting customer support case data, following the exploitation of its Salesforce environment through the Salesloft Drift supply chain attack. The company stressed that its core systems and infrastructure were not impacted, but sensitive case information tied to customer support was exposed. How the Breach Happened: According to Cloudflare’s advisory,…

September 2, 2025

Leaked ChatGPT Chats Expose User Oversharing Risks

Thousands of ChatGPT conversations leaked online in August 2025, revealing how users treat AI as therapists, lawyers, and confidants. The leak highlighted not just a product flaw, but the risks of oversharing sensitive information with AI chatbots. The exposed data included resumes, personal identifiers, health discussions, and private advice requests. While some assumed a technical…

September 2, 2025

Amazon Disrupts APT29 Watering Hole Phishing Campaign

Amazon’s threat intelligence team has disrupted a watering hole campaign conducted by APT29, the Russian state-linked threat group also known as Midnight Blizzard. The operation used compromised websites to redirect visitors into a phishing scheme designed to hijack Microsoft accounts through the device code authentication flow. How the Campaign Worked: Researchers said APT29 compromised multiple…

September 1, 2025

WhatsApp 0-Day Exploited in Attacks on iOS and macOS Users

WhatsApp has patched a critical 0-day vulnerability actively exploited against iOS and macOS users. The flaw, tracked as CVE-2025-55177, enabled attackers to deploy zero-click spyware capable of stealing sensitive data without any user interaction. Meta, WhatsApp’s parent company, confirmed that the bug was exploited in targeted attacks against “specific users” and urged all customers to…

September 1, 2025

TamperedChef Infostealer Spread via Fraudulent PDF Editor Ads

Security researchers have uncovered a large-scale malware campaign distributing an infostealer dubbed TamperedChef through fake PDF editing applications. The campaign relied on Google ads to drive victims to fraudulent websites hosting malicious downloads, blending legitimate branding with carefully timed activation of hidden payloads. How the Campaign Works: According to researchers, the attackers built multiple websites…

August 31, 2025