The npm incident frightened everyone, but ended up being nothing to fret about

Disaster was averted after widely used open-source packages were compromised via social engineering.

The post The npm incident frightened everyone, but ended up being nothing to fret about appeared first on CyberScoop.

Microsoft Patch Tuesday addresses 81 vulnerabilities, none actively exploited

The company is ahead of pace, disclosing about 100 more vulnerabilities at this point in the year than it did in 2024, according to a researcher.

Treasury Department targets Southeast Asia scam hubs with sanctions

Cybercrime hubs in Southeast Asia scammed Americans out of at least $10 billion last year, a 66% increase from 2023, officials said.

Salesloft Drift security incident started with undetected GitHub access

The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.

Sitecore zero-day vulnerability springs up from exposed machine key

The actively exploited defect, triggered by an attacker’s use of a publicly available sample machine key, underscores the vendor and customers’ poor configuration practices.

Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities

An antipiracy coalition of entertainment companies applauded the takedown. The network’s two operators were arrested at their residences in Egypt.

Google patches two Android zero-days, 120 defects total in September security update

The critical, actively exploited zero-day vulnerabilities affect the Linux kernel and Android runtime.

Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler

Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims.

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

Ianis Aleksandrovich Antropenko allegedly committed ransomware attacks from 2018 to 2022. He’s been out on bond since his arrest almost a year ago, despite multiple run-ins with police.

Salesloft Drift compromised en masse, impacting all third-party integrations

Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously claimed.
