Infosecurity News
Zscaler Customer Info Taken in Salesloft Breach
Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data
Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor
Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor
High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users
A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites
Ransomware Attack on Pennsylvania’s AG Office Disrupts Court Cases
Pennsylvania’s Attorney General confirmed the OAG had refused to pay a ransom demand to the attackers after files were encrypted
Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth
The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon
Salesloft Attacks Target Google Workspace
Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts
WhatsApp Patches Zero-Day, Zero-Click Flaw
WhatsApp has fixed a zero-day vulnerability linked to a sophisticated cyber-attack
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign
Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity
State-Sponsored Hackers Behind Majority of Vulnerability Exploits
Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes
TransUnion Data Breach Impacts 4.5 Million US Customers
The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application
Fake IT Support Attacks Hit Microsoft Teams
Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams
Netherlands Confirms China's Salt Typhoon Targeted Small Dutch Telcos
Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers
Malicious VS Code Extensions Exploit Name Reuse Loophole
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages
Nevada Confirms Ransomware Attack, State Data Stolen
Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns
Crypto Companies Freeze $47m in Romance Baiting Funds
Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
CISA Strengthens Software Procurement Security With New Tool
CISA has launched a new Software Acquisition Guide Web Tool to enhance security in software procurement
Researchers Discover First Reported AI-Powered Ransomware
While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers
