Cybersecurity
-
Lovesac confirms data breach after ransomware attack claims
Source: BleepingComputerRead more: Lovesac confirms data breach after ransomware attack claimsLovesac, an American furniture brand, has confirmed a data breach resulting from a ransomware attack. This incident has compromised personal…
-
Salesloft Breached via GitHub Account Compromise
Source: Dark ReadingRead more: Salesloft Breached via GitHub Account CompromiseSalesloft’s breach involving a compromised GitHub account has led to a significant supply chain attack affecting hundreds of Salesforce instances.…
-
Sports streaming piracy service with 123M yearly visits shut down
Source: BleepingComputerRead more: Sports streaming piracy service with 123M yearly visits shut downThe Calcio sports streaming piracy service, which garnered over 120 million visits in the last year, has been dismantled. This…
-
Supreme Court blocks FTC commissioner Slaughter’s reinstatement
Source: CyberScoopRead more: Supreme Court blocks FTC commissioner Slaughter’s reinstatementThe Supreme Court has blocked the reinstatement of FTC commissioner Slaughter, signaling skepticism towards lower court victories by Democratic commissioners.…
-
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
Source: BleepingComputerRead more: Hackers hijack npm packages with 2 billion weekly downloads in supply chain attackIn a significant cybersecurity incident, attackers compromised a maintainer’s account and injected malware into NPM packages that collectively have over…
-
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Source: BleepingComputerRead more: Salesloft: March GitHub repo breach led to Salesforce data theft attacksSalesloft reported that attackers breached its GitHub account in March, resulting in the theft of OAuth tokens. These tokens were…
-
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Source: The Hacker NewsRead more: GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 CompaniesSalesloft has disclosed that a security breach linked to its Drift application was initiated through the compromise of its GitHub…
-
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report
Source: SecurityWeekRead more: Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: ReportChinese cyber espionage group APT41 used a false identity to send malware-laden emails on behalf of US Rep. John Moolenaar…
-
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Source: The Hacker NewsRead more: GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT FirmsCybersecurity researchers have identified a sophisticated malware campaign that utilizes paid Google ads to distribute malware to users searching for…
-
Secrets at Risk: How Misconfigurations and Mistakes Expose Critical Credentials
Source: Tenable ResearchRead more: Secrets at Risk: How Misconfigurations and Mistakes Expose Critical CredentialsA report highlights the alarming rates at which organizations expose sensitive credentials, termed secrets, in cloud environments. This mismanagement can…