βοΈ The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The recent masstheft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials beforeβ¦
ποΈ Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware such as SMS stealers and basic spyware. These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of Asia, ThreatFabric said in a report.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ β‘ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methodscombining stolen access, unpatched software, and clever tricks to move from small entry points to large.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Silver Fox APT abuses Microsoftsigned drivers to kill antivirus and deploy ValleyRAT remoteaccess backdoor.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor
Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor
π High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users
A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites
ποΈ Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems. The package, named nodejssmtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems. The package, named nodejssmtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Zscaler Customer Info Taken in Salesloft Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Zscaler Customer Info Taken in Salesloft Breach
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data
π Zscaler Customer Info Taken in Salesloft Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Zscaler Customer Info Taken in Salesloft Breach
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data
π’ Anthropic admits hackers have 'weaponized' its tools β and cyber experts warn it's a terrifying glimpse into 'how quickly AI is changing the threat landscape' π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Security experts say Anthropic's recent admission that hackers have "weaponized" its AI tools gives us a terrifying glimpse into the future of cyber crime.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Anthropic admits hackers have 'weaponized' its tools β and cyber experts warn it's a terrifying glimpse into 'how quickly AI isβ¦
Anthropic researchers discovered ransomware made via vibe-coding and North Koreans getting jobs in the US with chatbots
π’ Google says 'claims of a major Gmail security warning are false' following recent media reports π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Reports of a massive Gmail hack affecting billions of users have been denied by Google.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Google says 'claims of a major Gmail security warning are false' following recent media reports
Reports of a massive Gmail hack affecting billions of users have been denied by Google
π¦Ώ How to Secure Your Email Via Encryption and Password Management π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
From emailing vendors to communicating with team members, serious business happens in the inbox. That's why it's critical to secure it. These TechRepublic Premium resources can help.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
How to Secure Your Email Via Encryption and Password Management
From emailing vendors to communicating with team members, serious business happens in the inbox.
ποΈ Shadow AI Discovery: A Critical Part of Enterprise AI Governance ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Harsh Truths of AI Adoption MITs State of AI in Business report revealed that while 40 of organizations have purchased enterprise LLM subscriptions, over 90 of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4 of sensitive AI interactions are coming from personal email accounts, where employees are bypassing corporate.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive bruteforce and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025. The activity originated from a Ukrainebased autonomous system FDN3 AS211736, per French cybersecurity company Intrinsec. "We believe with a high level of confidence that FDN3 is part of a wider abusive.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Antimalware as part of a Bring Your Own Vulnerable Driver BYOVD attack aimed at disarming security solutions installed on compromised hosts. The vulnerable driver in question is "amsdk.sys" version 1.0.600, a 64bit, validly signed Windows kernel device driver.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats
The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats
π Jaguar Cyber Incident "Severely Disrupts" Sales and Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Jaguar Cyber Incident "Severely Disrupts" Sales and Operations
Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home
π’ Blackpoint Cyber and NinjaOne partner to bolster MSP cybersecurity π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The collaboration combines Blackpoint Cybers MDR expertise with NinjaOnes automated endpoint management platform.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ChannelPro
Blackpoint Cyber and NinjaOne partner to bolster MSP cybersecurity
The collaboration combines Blackpoint Cyberβs MDR expertise with NinjaOneβs automated endpoint management platform
π’ The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of follow-up phishing attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The company has warned customers that their data may have been accessed, saying it's implemented extra safeguards in response.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
The Salesloft Drift victim list keeps growing: Zscaler is the latest to confirm a breach, warning customers to remain wary of followβ¦
The company has warned customers that their data may have been accessed, saying it's implemented extra safeguards in response
π Azure AD Credentials Exposed in Public App Settings File π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Azure AD Credentials Exposed in Public App Settings File
Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file
π Malicious npm Package Masquerades as Popular Email Library π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A malicious npm package nodejssmtp has been discovered impersonating nodemailer and injecting code to drain crypto wallets.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Malicious npm Package Masquerades as Popular Email Library
A malicious npm package βnodejs-smtpβ has been discovered impersonating nodemailer and injecting code to drain crypto wallets