The FBI is warning about a new scam where cybercriminals exploit NFT airdrops on the Hedera Hashgraph network to steal crypto from cryptocurrency wallets. […]
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce instances for large-scale data theft and subsequent extortion.
The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with
The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with
Media giant Lee Enterprises says data breach affects 39,000 people
Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack. […]
Google: Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization’s Salesforce platforms. […]
Kerberos AS-REP roasting attacks: What you need to know
Think your passwords are strong enough? AS-REP Roasting is back in the spotlight — and it’s targeting weak spots in Active Directory. Learn more from Specops Software how attackers exploit missing Kerberos pre-auth and how to stop them with strong password policies. […]
Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers
A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them.
The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.
Going Into the Deep End: Social Engineering and the AI Flood
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
The post Going Into the Deep End: Social Engineering and the AI Flood appeared first on SecurityWeek.
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems.
According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments.
“Chaos RAT is an open-source RAT written in
According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments.
“Chaos RAT is an open-source RAT written in
Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications.
Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks
Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks
Compyl Raises $12 Million for GRC Platform
Compyl has raised $12 million in a Series A funding round that will be invested in go-to-market initiatives, hirings, and GRC platform expansion.
The post Compyl Raises $12 Million for GRC Platform appeared first on SecurityWeek.