arstechnica

Google warns that mass data theft hitting Salesloft AI agent has grown bigger

A significant security incident involving the Salesloft Drift AI chat agent has led to the compromise of OAuth tokens, resulting in unauthorized access to Google Workspace email accounts.

High-severity WinRAR 0-day exploited for weeks by 2 groups

A critical zero-day vulnerability in WinRAR has been actively exploited by two Russian cybercrime groups. The attackers used phishing emails with malicious archive attachments to backdoor victim systems.

Google finds custom backdoor being installed on SonicWall network devices

Researchers have identified a campaign by the threat actor UNC6148 targeting SonicWall Secure Mobile Access (SMA) appliances. These appliances manage and secure access by mobile devices and are located at the edge of enterprise networks.

Browser extensions turn nearly 1 million browsers into website-scraping bots

A recent investigation uncovered that 245 browser extensions—installed on nearly 1 million devices—are covertly turning users' browsers into web scraping bots. These extensions, available on Chrome, Firefox, and Edge, embed the MellowTel-jsx library.

Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic

A record-breaking DDoS attack has been reported, peaking at an unprecedented 7.3 Tbps. The attack, which lasted just 45 seconds, was designed to overwhelm the target’s infrastructure with a massive volume of junk traffic.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags