Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam

Google confirms a data breach by ShinyHunters hackers, who used a vishing scam to access a Salesforce database with small business customer info...

ShinyHunters Target Chanel in Salesforce Linked Data Breach

ShinyHunters breached Chanel’s US client database via Salesforce-linked access, exposing limited customer details through social engineering tactics...

AccuKnox partners with SecuVerse.ai to deliver Zero Trust CNAPP Security for National Gaming Infrastructure

Menlo Park, California, USA, 7th August 2025, CyberNewsWire...

New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite

Cybersecurity researchers demonstrate a new attack on Google Gemini AI for Workspace. Discover how a simple calendar invite can be used to perform phishing, steal emails, and even control home appliances...

1.2 Million Healthcare Devices and Systems Found Exposed Online – Patient Records at Risk of Exposure, Latest Research from Modat

The Hague, Netherlands, 7th August 2025, CyberNewsWire...

Chinese Groups Stole 115 Million US Cards in 16-Month Smishing Campaign

A SecAlliance report reveals Chinese smishing syndicates compromised 115M US payment cards by bypassing MFA to exploit Apple Pay and Google Wallet...

Hacker Accesses Millions of IMDataCenter Records from Exposed AWS Bucket

Florida firm IMDataCenter exposed 38GB of sensitive data including names, emails and ownership info. At least one hacker accessed and downloaded the files...

The Role of Security Policies in Shaping Organisational Culture and Risk Awareness

Organisational culture, as we know it, isn’t built overnight. It takes shape over time through decisions, habits and…...

KLM Confirms Customer Data Breach Linked to Third-Party System

KLM confirms a data breach exposing customer info via a third-party system, affecting names, contact details and Flying Blue membership data...

Akira Ransomware Hits SonicWall VPNs, Deploys Drivers to Bypass Security

GuidePoint Security uncovers a new Akira ransomware tactic targeting SonicWall VPNs. The group's use of drivers to disable defenses is a significant threat to businesses...

SpyCloud Enhances Investigations Solution with AI-Powered Insights – Revolutionizing Insider Threat and Cybercrime Analysis

Austin, TX, USA, 6th August 2025, CyberNewsWire...

How Top SOCs Defend Against Emerging Threats with Live Attack Data

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

Navigating Cybersecurity Risks in Crypto-Backed Lending

As crypto-backed lending gathers momentum among institutions and everyday users, cybersecurity shadows every new transaction. Billions in digital…...

Over 100 Dell Laptop Models Plagued by Vulnerabilities Impacting Millions

A new Cisco Talos report reveals critical flaws in Dell Latitude and Precision laptops. Find out how hackers can exploit the ControlVault chip to steal sensitive data...

Pandora Cyber Attack Exposes Customer Data Via Third-Party Vendor

Pandora cyber attack exposes customer data via third-party breach. No passwords or payment info leaked, but phishing risks remain...

Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File

Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of Discord CDN link andn fake OneDrive phishing campaign discovered by Sublime Security...

Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails

A new Proofpoint report reveals how attackers are using Microsoft 365's Direct Send and unsecured SMTP relays to…...

New JSCEAL Malware Targets Millions via Fake Crypto App Ads

JSCEAL malware targets millions using fake crypto app ads to steal wallets and data. Users urged to stay alert and avoid downloading from untrusted sources...

Local Government Cybersecurity: Why Municipal Systems Need Extra Protection

Cybersecurity threats to local governments are part of life in the digital environment in which people live today.…...

LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code

A new security flaw, LegalPwn, exploits a weakness in generative AI tools like GitHub Copilot and ChatGPT, where malicious code is disguised as legal disclaimers. Learn why human oversight is now more critical than ever for AI security...

Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws

Security researchers at Bitdefender have found two critical vulnerabilities CVE-2025-31700, CVE-2025-31701 in popular Dahua security cameras, including the Hero C1 model...

Early Bird Registration Now Open for The Inaugural OpenSSL Conference 2025

Newark, United States, 4th August 2025, CyberNewsWire...

New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor

Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control...

US Government Begins $200M Payouts to Backpage Trafficking Victims

The US DOJ has announced the largest-ever compensation process for human trafficking victims of Backpage. Learn about the $200M fund, who is eligible, and the steps to file a petition before the February 2, 2026, deadline. This comes years after the site's seizure, as previously reported by...

Why Cybersecurity Should Be a Board-Level Priority in Every Company – Perspective from Serhii Mikhalap

Cybersecurity is no longer a technical afterthought, thanks to today’s interconnected world. It’s a boardroom imperative. As online…...

Comp AI secures $2.6M pre-seed to disrupt SOC 2 market

San Francisco, California, 1st August 2025, CyberNewsWire...

Everest Ransomware Claims Mailchimp as New Victim in Relatively Small Breach

Everest ransomware claims Mailchimp breach, leaks 943,000 lines of data. While limited in size, it adds to a spike in global ransomware activity this July...

OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware

Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware...

Researchers Link New SS7 Encoding Attack to Surveillance Vendor Activity

Researchers identify a new SS7 encoding attack used by a surveillance vendor to bypass security and access mobile subscriber data without detection...

Browser Extensions Can Exploit ChatGPT, Gemini in ‘Man in the Prompt’ Attack

Man in the Prompt attack shows how browser extensions can exploit ChatGPT, Gemini and other AI tools to steal data or inject hidden prompts...

Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses

Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses...

SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed

watchTowr's latest research details critical SonicWall SMA100 flaws CVE-2025-40596, 40597, 40598. Discover how pre-auth stack/heap overflows and XSS put SSL-VPNs at risk. Patch now!...

Inc Ransomware Claims 1.2TB Data Breach at Dollar Tree

The notorious INC Ransomware group is claiming responsibility for a data breach at Dollar Tree, the American retail…...

TrickBot Behind More Than $724 Million in Crypto Theft and Extortion

Akamai's latest Ransomware Report 2025 reveals "quadruple extortion," new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving cyber threats...

AccuKnox partners with CyberKnight to deliver Zero Trust Security for a Leading Global Bank in the UAE.

Menlo Park, United States, 30th July 2025, CyberNewsWire...

New Choicejacking Attack Steals Data from Phones via Public Chargers

Choicejacking is a new USB attack that tricks phones into sharing data at public charging stations, bypassing security prompts in milliseconds...

Allianz Life Data Breach Hits 1.4 Million Customers

Allianz Life Insurance confirms a July 2025 data breach impacting 1.4 million customers, financial pros and employees. Learn how social engineering exploited a third-party CRM, the hallmarks of Scattered Spider tactics, and the broader risks of supply chain vulnerabilities...

SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm

Darktrace uncovers the first exploit of a critical SAP NetWeaver vulnerability CVE-2025-31324 to deploy Auto-Color backdoor malware. Learn how this evasive Linux RAT targets systems for remote code execution and how AI-powered defence thwarts multi-stage attacks...

SquareX Discloses Architectural Limitations of Browser DevTools in Debugging Malicious Extensions

Palo Alto, California, 29th July 2025, CyberNewsWire...

How Scattered Spider Used Fake Calls to Breach Clorox via Cognizant

Specops Software's analysis reveals how Scattered Spider's persistent help desk exploitation cost Clorox $400 million. Understand the August 2023 breach, its operational disruption, and critical steps organisations must take to protect against similar social engineering threats...

GLOBAL GROUP Ransomware Claims Breach of Media Giant Albavisión

GLOBAL GROUP Ransomware targets media giant Albavisión, claims 400 GB data theft as it continues hitting global sectors with advanced extortion tactics...

Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google

A new report from Google's GTIG reveals how UNC3944 0ktapus uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps...

macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers

macOS flaw dubbed Sploitlight allows attackers to access Apple Intelligence-cached data by abusing Spotlight plugins, bypassing privacy controls...

Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts

If you're running a WordPress site and rely on the Post SMTP plugin for email delivery, there's something…...

Tea App Breach: Women Only Dating Platform Leaks 72K User Images

The "Tea" app, a new and popular social platform for women, confirmed a major data breach affecting users…...

Malicious ISO File Used in Romance Scam Targeting German Speakers

Sublime Security reveals a cunning romance/adult-themed scam targeting German speakers, leveraging Keitaro TDS to deliver an AutoIT-based malware loader. Learn how this sophisticated campaign operates, its deceptive tactics, and the hidden payload...

Arizona Woman Jailed for Helping North Korea in $17M IT Job Scam

Arizona woman jailed 8.5 years for aiding North Korea's $17 million IT job scam, defrauding over 300 US companies. Learn how to protect your business from such sophisticated cybersecurity threats...

Researchers Expose Massive Online Fake Currency Operation in India

Cybersecurity researchers at CloudSEK's STRIKE team used facial recognition and GPS data to expose a massive, over $2…...

BreachForums Resurfaces on Original Dark Web (.onion) Address

BreachForums resurfaces on its original .onion domain amid law enforcement crackdowns, raising questions about its admin, safety and future...

Operation Checkmate: BlackSuit Ransomware’s Dark Web Domains Seized

International law enforcement agencies, including the FBI and Europol, have successfully seized the infrastructure of the notorious BlackSuit ransomware gang in Operation Checkmate. This article details the takedown, BlackSuit's origins, and the ongoing fight against evolving cyber threats...