Google has warned that the recent Salesloft OAuth breach, attributed to threat group UNC6395, is not limited to Salesforce as initially reported. Instead, the attack affects all third-party SaaS integrationsRead More →
A newly discovered phishing campaign is leveraging a Unicode homoglyph trick to impersonate Booking.com and distribute malicious MSI installers capable of delivering infostealers or remote access trojans (RATs). This attack,Read More →
Two previously unknown zero-day vulnerabilities in Microsoft SharePoint Server (on-premises) are being actively exploited in the wild as part of a highly coordinated espionage campaign. Microsoft has linked these attacksRead More →
A newly disclosed pair of critical vulnerabilities in Sudo — the powerful Unix/Linux command-line tool that allows users to run commands as root — poses a significant local privilege escalationRead More →
The rise of sophisticated digital tools and artificial intelligence has revolutionized many aspects of business and finance, but it has also created new opportunities for fraudulent activities. Among the mostRead More →
A coordinated law enforcement operation in France has resulted in the arrest of key figures behind BreachForums, one of the most active and influential marketplaces for cybercriminals in recent years.Read More →
Victoria’s Secret, the globally recognized lingerie and fashion retailer, has taken its U.S. e-commerce website offline and limited some in-store services following a confirmed cybersecurity incident. While details remain sparse,Read More →
Helm has revolutionized how Kubernetes applications are deployed. A single helm install can launch a fully functioning stack in seconds. But a new report by Microsoft Defender for Cloud revealsRead More →
Meta has disclosed a critical security vulnerability in WhatsApp for Windows—tracked as CVE-2025-30401—which could allow remote attackers to execute arbitrary code on victim systems. The flaw affects all versions priorRead More →
