Microsoft has reported that the hacking group Storm-0501 has moved away from traditional ransomware and is now attacking directly in the cloud. Instead of locking individual computers, the group uses cloud tools themselves to steal data, erase backups, and encrypt storage. This makes recovery far harder and raises the pressure on victims to pay. The … Continued
A recently discovered breach involving Salesloft, Drift, and Salesforce has exposed customer data, all due to a compromised OAuth connection. Attackers gained unauthorized access and quietly pulled tokens linking Salesloft’s integration with the Drift AI chat agent, which then gave them access to Salesforce records. This happened between August 8 and August 18, 2025, according … Continued
The cyber-espionage group Blind Eagle (APT-C-36 / TAG-144) has been linked to five separate activity clusters targeting Colombia between May 2024 and July 2025. Most of these attacks were focused on the Colombian government, but several other industries such as defense, healthcare, education, and energy were also affected. The attackers mainly used phishing emails to … Continued
ShadowCaptcha is a newly discovered cyber campaign that has been spreading quietly through compromised WordPress websites. Researchers found that hackers have been injecting malicious code into real websites and redirecting visitors to fake CAPTCHA verification pages. These pages look almost identical to popular services like Google or Cloudflare, which makes them convincing enough to trick … Continued
Farmers Insurance has confirmed a major data breach that has compromised the personal data of more than one million people. The breach occurred through a third-party vendor and has been linked to the wider wave of attacks targeting organizations using Salesforce platforms. Farmers began alerting customers in August 2025 after completing its investigation and confirming … Continued
A major cyberattack has recently been uncovered targeting Indian government agencies. The operation has been linked to Transparent Tribe, also known as APT36, a Pakistan-based hacking group that has repeatedly carried out espionage against India. In this campaign, the hackers are sending phishing emails containing weaponized shortcut files that look like PDF documents but actually … Continued
U.S. healthcare provider DaVita Inc., one of the largest dialysis service companies in the country, has confirmed that a ransomware attack led to the theft of data belonging to nearly 2.7 million people. The company disclosed the incident through a filing with the U.S. Department of Health and Human Services, which listed 2,689,826 individuals affected. … Continued
The Python Package Index (PyPI) has introduced a strong new security measure to protect developers and the open-source community from a growing cyber threat. The platform has blocked over 1,800 email addresses linked to expired domains in order to prevent account takeovers and possible supply chain attacks. Domain resurrection attacks are at the center of … Continued
Security experts have recently found malicious packages hidden in both PyPI and npm, two of the most popular open-source ecosystems. These cases highlight how attackers are targeting developers by abusing dependencies, phishing maintainers, and using social engineering tricks. In the PyPI case, the problem came from two packages called termncolor and colorinal. The package termncolor … Continued
A new leak has revealed that OpenAI is working on a cheaper subscription plan for ChatGPT, called ChatGPT Go. Until now, the company only offered the free version and the $20 per month Plus plan, but this new option is expected to cost much less and could make ChatGPT more accessible to a wider audience. … Continued
