The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. […]
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.
Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.
“The threat actors continue to employ phishing emails with invoice
Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.
“The threat actors continue to employ phishing emails with invoice
VC giant Insight Partners warns thousands after ransomware breach
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. […]
SonicWall warns customers to reset credentials after breach
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. […]
Microsoft: Office 2016 and Office 2019 reach end of support next month
Microsoft reminded customers again this week that Office 2016 and Office 2019 will reach the end of extended support in less than 30 days, on October 14, 2025. […]
Virtual Event Today: Attack Surface Management Summit
SecurityWeek’s Attack Surface Management Virtual Summit is now LIVE and runs today from 11AM – 4PM ET.
The post Virtual Event Today: Attack Surface Management Summit appeared first on SecurityWeek.
Irregular Raises $80 Million for AI Security Testing Lab
Irregular is testing the cybersecurity capabilities of AI models, including Anthropic’s Claude and OpenAI’s ChatGPT.
The post Irregular Raises $80 Million for AI Security Testing Lab appeared first on SecurityWeek.
From ClickFix to MetaStealer: Dissecting Evolving Threat Actor Techniques
ClickFix isn’t just back—it’s mutating. New variants use fake CAPTCHAs, File Explorer tricks & MSI lures to drop MetaStealer. Stay ahead with Huntress’ Tradecraft Tuesday threat briefings. […]
RegScale Raises $30 Million for GRC Platform
RegScale has raised a total of more than $50 million, with the latest investment being used to enhance its platform and expand.
The post RegScale Raises $30 Million for GRC Platform appeared first on SecurityWeek.
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. […]