network security Page 2

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI)… 

Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims,… 

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Aug 26, 2025Ravie LakshmananVulnerability / Remote Code Execution Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.… 

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

Aug 26, 2025Ravie LakshmananVulnerability / Mobile Security A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base… 

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of… 

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and… 

HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

Aug 26, 2025Ravie Lakshmanan Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. “A prominent characteristic of the latest variant is… 

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

Aug 26, 2025Ravie LakshmananMobile Security / Data Privacy Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play… 

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

Aug 26, 2025Ravie LakshmananVulnerability / Data Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based… 

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

Aug 25, 2025Ravie LakshmananMalware / Cyber Espionage A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance…