Salesforce has announced that it detected unauthorized activity linked to OAuth connections created by applications published by Gainsight. These apps are widely used by Salesforce customers, and the unusual behavior raised concerns that some customer data may have been accessed without approval. Salesforce stressed that the incident is connected to third-party integrations, not to a … Continued
Cybersecurity researchers have identified a new malicious tool called Matrix Push, which abuses browser notifications to run phishing and malware attacks. It turns the normal web-push feature into a method for attackers to reach users directly. The tool makes fake alerts look completely legitimate. Because of this, many people may not realize they are being … Continued
🛡️ Introduction: Bridging the $5 Million Skill Gap Cybersecurity is all about practical skills. Companies want people who can spot threats, secure systems, and respond fast when something goes wrong. With attacks increasing and everything moving online, knowing the right cybersecurity skills has become more important than ever. Cybersecurity is facing a massive $5 million … Continued
CTM360 has uncovered a large global campaign designed to hijack WhatsApp accounts, known as HackOnChat. The operation uses fake login portals and malicious pages that look identical to official WhatsApp services. These pages trick users into giving attackers access. The goal is to steal active sessions and verification keys. Attackers rely on two main tactics: … Continued
Iran-linked hackers carried out a detailed digital reconnaissance on a commercial ship just days before a real-world missile strike attempt. Security researchers revealed that these hackers mapped the vessel’s AIS data and even accessed its onboard cameras. This activity happened shortly before the physical attack. Experts say the timing shows the cyber actions were connected … Continued
A man from Irvine, California has admitted to laundering millions connected to a massive $230 million cryptocurrency theft. He pleaded guilty to handling at least $25 million of the stolen funds. The theft ranks among the biggest single-victim crypto heists in the United States. Authorities say he played a key role in helping the group … Continued
A major cyber-espionage campaign called Operation “WrtHug” has been uncovered, targeting thousands of ASUS home and small-office routers. Security researchers say the operation is linked to China-based threat actors. The attackers quietly took control of these routers without alerting owners, and experts warn that this campaign is both global and highly sophisticated. The attackers mainly … Continued
Microsoft’s cloud service Azure detected an enormous distributed denial-of-service attack that reached record proportions. The traffic volume peaked at a staggering 15.72 terabits per second and nearly 3.64 billion packets per second. This makes it one of the largest DDoS incidents ever recorded in a cloud environment. The target of the attack was a single … Continued
A new cybersecurity report has revealed a massive leak of employee logins connected to the UK’s biggest companies. Security firm Socura, along with Flare, found over 460,000 stolen credential instances linked to FTSE 100 employees. These credentials were discovered on criminal marketplaces, forums, and dark-web platforms. The scale of exposure has raised serious concerns across … Continued
Google announced that memory-safety vulnerabilities in Android have dropped below 20% of all reported bugs for the first time. This major change is directly linked to the growing use of the Rust programming language in Android’s native code. Rust was introduced to reduce the number of dangerous memory-related issues that were common in older C … Continued
