Please turn on your JavaScript for this page to function normally.
Red Hat
Hackers claim to have plundered Red Hat’s GitLab repos

The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitLab and have …

GitHub
Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We …

supply chain
Salesloft Drift data breach: Investigation reveals how attackers got in

The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain …

Agentic AI
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI …

Salesforce
Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those …

infostealers
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property …

SonicWall
Trojanized SonicWall NetExtender app exfiltrates VPN credentials

Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a …

Microsoft Exchange
Researchers unearth keyloggers on Outlook login pages

Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of government organizations and companies around the world, and have injected the …

Salesforce
Attackers fake IT support calls to steal Salesforce data

Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat …

hand
Lumma Stealer Malware-as-a-Service operation disrupted

A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …

Hertz
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected

American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach …

Europe
North Korean IT workers set their sights on European organizations

North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools