News
Upcoming Events
All times are Eastern Time (GMT/UTC -4h)
Microsoft: Anti-spam bug blocks links in Exchange Online, Teams
issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs...Read more
Google misled users about their privacy and now owes them $425m, says court
Google continued to collect data about how people were using their apps, even after they switched off data collection...Read more
Hackers hide behind Tor in exposed Docker API breaches
new tooling that does not deploy a miner but a more complex payload that can block access to compromised Docker APIs....Read more
Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety
Memory Integrity Enforcement (MIE) offers "always-on memory safety protection" across critical attack surfaces...Read more
Record-breaking 11.5 Tbps UDP Flood DDoS Attack Originated from Google Cloud Platform
Cloudflare recently reported that it stopped a huge DDoS cyber attack originating from GCP...Read more
Integrated Oncology Network Caught Up in Data Breach
The network first learned of the incident on April 11, 2025....Read more
Zscaler data breach exposes customer info after Salesloft Drift compromise
threat actors gained access to its Salesforce instance and stole customer info, contents of support cases....Read more
A Primer on Forensic Investigation of Salesforce Security Incidents
investigating Salesforce security incidents with logs, permissions, and backups to strengthen response and resilience....Read more
Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances
From 8-18 August 2025, a threat actor utilized compromised OAuth credentials to exfiltrate data from affected customers...Read more
TransUnion suffers data breach impacting over 4.4 million people
another Salesforce data theft attack...Read more
Microsoft to enforce MFA for Azure resource management in October
Starting in October, Microsoft will enforce MFA for all Azure resource management actions...Read more
The intruder is in the house: Storm-0501 attacked Azure, stole data, demanded payment via Teams
broke into a large org's on-premises and cloud environments, ultimately exfiltrating and destroying data within Azure...Read more
Scammers turn to ‘ghost-tapping’ retail fraud to launder funds
“ghost-tapping” — when stolen payment card details are uploaded onto a burner phone and used in-person to purchase...Read more
New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks
"MadeYouReset bypasses the server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client...Read more