Data Breach

ThreatsDay Bulletin: MS Teams Breach, MFA Hijacking, $2B Crypto Theft, Apple Siri Investigation & More

Cybersecurity threats are advancing faster than ever, with attackers increasingly combining social engineering, AI-driven manipulation, and cloud exploitation to target systems once deemed secure. From communication platforms to smart devices, every technological convenience simultaneously expands the potential attack surface. This edition of ThreatsDay Bulletin highlights these overlapping risks and the necessary measures to maintain trust in […]

Lapsus$ Hunters Launch New Leak Site to Publish Data Stolen from Salesforce

The cybercriminal collective known as Scattered Lapsus$ Hunters has intensified its extortion efforts by launching a dedicated leak portal aimed at publishing stolen Salesforce data. This alliance, which includes prominent threat actors such as ShinyHunters, Scattered Spider, and Lapsus$, represents a new level of sophistication in ransomware-as-a-service operations, specifically targeting one of the most widely

Hackers Abuse Legitimate Database Commands to Actively Compromise Databases

A new wave of sophisticated ransomware attacks is targeting organizations worldwide by abusing legitimate database commands, bypassing traditional security tools through “malware-free” operations. Unlike typical ransomware that relies on malicious binaries to encrypt files, attackers are exploiting exposed database services, using standard database functionality to steal, erase, and demand ransom for critical information. This technique

Crimson Collective Uses AWS Services to Exfiltrate Sensitive Data

A newly surfaced threat actor, calling itself Crimson Collective, has been observed targeting Amazon Web Services (AWS) environments to steal valuable data and pressure organizations with extortion. Recent claims by the group allege they breached Red Hat, taking private repositories from Red Hat’s GitLab instance. This activity signals a worrying shift toward cloud-centric attacks, and

FreePBX SQL Injection Flaw Exploited to Alter Database Records

A critical, unauthenticated SQL injection vulnerability in FreePBX is being actively exploited, posing a severe risk to VoIP infrastructures worldwide. Attackers are abusing a web endpoint to inject database entries, create scheduled tasks, and ultimately run arbitrary code on compromised systems. What is affected, and why it matters: FreePBX, the web-based administrative interface commonly used

Shuyal Stealer Targets 19 Browsers to Harvest Login Credentials

Shuyal Stealer has quickly become one of the most flexible credential theft tools observed in recent months. First seen in early August, its modular design enables it to target a wide variety of web browsers, including Chromium-based, Gecko-based, and legacy engines, making it a high-risk threat for many environments. Early signs and impact: Initial indicators

Microsoft Events Vulnerability Exposes User Data from Registration and Waitlist Databases

A major security vulnerability discovered in the Microsoft Events platform could have allowed unauthorized access to personal information stored in two separate databases: the event registration list and the waitlist database. Discovery of the Flaw: The issue was identified by a 15-year-old bug bounty researcher, known as Faav, who uncovered that the flaw exposed

XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features

Cybersecurity experts have closely monitored the development of XWorm malware, which has evolved into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin

Red Hat Data Breach, Hackers Claim Access to 28K Private GitHub Repositories

A hacking group calling itself the Crimson Collective has allegedly carried out one of the most severe breaches in recent memory, targeting Red Hat’s private GitHub repositories. According to their claims, nearly 570GB of compressed data was extracted from more than 28,000 internal repositories, making this incident a potential milestone in the history of technology-related

Salesforce Fixes Critical ForcedLeak Bug Exposing CRM Data Through AI Prompt Injection

Cybersecurity researchers have disclosed a major flaw in Salesforce Agentforce, a platform designed for building AI-powered agents. The vulnerability, codenamed ForcedLeak (CVSS score: 9.4), could have enabled attackers to exfiltrate sensitive data from Salesforce’s CRM system using an indirect AI prompt injection. The issue was discovered and reported by Noma Security on July 28, 2025.
