ConnectWise has announced a major security step as it is going to rotate the code-signing certificates used in several of its software products, including ScreenConnect, Automate, and RMM agents. This move comes after a third-party security researcher flagged a possible security concern that could be exploited by attackers. The issue isn’t about any kind of … Continued
A new wave of cyberattacks has hit the corporate world, targeting more than 80,000 Microsoft Entra ID accounts. These attacks were uncovered by cybersecurity experts at Proofpoint, who linked the campaign to a tool called TeamFiltration. This tool is actually an open-source framework originally created for penetration testing but is now being misused by cybercriminals. … Continued
Salesforce has made a quiet but important change to how companies can interact with Slack data. While it was not announced with much fanfare, the impact is already being felt across the enterprise AI space. Slack, which is owned by Salesforce, recently changed its terms and is no longer allowing outside software firms to store … Continued
In recent months, there’s been a major rise in DDoS attacks targeting financial institutions. What’s scary is that these attacks aren’t just increasing in number, they’re also getting way more advanced and harder to detect. Cybercriminals have stopped relying only on traditional “flooding” methods. Now, they’re combining smarter techniques that slip past basic defenses. Banks … Continued
FIN6 hackers are now pretending to be job seekers to hack recruiters. A well-known cybercrime group named FIN6, also known as Skeleton Spider, has come up with a new and clever way to attack companies. This time, instead of directly hacking systems or using ransomware, they are pretending to be job seekers and targeting … Continued
AI-Powered Code Tools Are Creating a “Cybersecurity Powder Keg” The rise of AI-assisted development has transformed the way code is written—faster, more efficient, and increasingly accessible. But there’s a growing concern that this acceleration comes at a cost: security. A recent piece by Dark Reading highlights a growing risk. Developers—especially those new to the field—are … Continued
A newly discovered malware named PathWiper has been used in a cyberattack that seriously impacted a critical infrastructure facility in Ukraine. According to cybersecurity researchers at Cisco Talos, this malware wasn’t launched through traditional hacking techniques but was delivered using a legitimate endpoint management system. This means the attackers likely had administrator-level access, which allowed … Continued
United Natural Foods Inc. (UNFI), the main company that supplies food and goods to Whole Foods Market, was hit by a cyberattack on June 5, 2025. This attack caused major problems in their computer systems, leading to delays in delivering important grocery and pharmacy items to stores across the country. The company found out that … Continued
So, what happened? Researchers found a huge, unsecured database sitting out in the open — 631 gigabytes packed with about 4 billion user records. Yeah, you read that right. Four. Billion. Records. Most of this data comes from Chinese users, and it’s full of sensitive info like names, birthdates, phone numbers, and even financial details … Continued
The FBI has issued a critical cybersecurity alert warning about a sharp increase in infections caused by the BADBOX 2.0 botnet. This sophisticated malware is currently compromising more than one million Android devices, primarily off-brand models, many sourced from Chinese manufacturers. What is BADBOX 2.0? BADBOX 2.0 is an advanced version of the original BADBOX … Continued
