Tag: breaches

Source URL: https://www.theregister.com/2025/09/04/unknown_miscreants_snooping_around_sitecore/ Source: The Register Title: Attackers snooping around Sitecore, dropping malware via public sample keys Feedly Summary: You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping…

Cisco Talos Blog: From summer camp to grind season

Sep 4, 2025

—

by

Source URL: https://blog.talosintelligence.com/from-summer-camp-to-grind-season/ Source: Cisco Talos Blog Title: From summer camp to grind season Feedly Summary: Bill takes thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry. AI Summary and Description: Yes Summary: This text discusses the ongoing evolution of threats related…

The Register: US puts $10M bounty on three Russians accused of attacking critical infrastructure

Sep 4, 2025

—

by

Source URL: https://www.theregister.com/2025/09/04/us_10m_bounty_fsb_attackers/ Source: The Register Title: US puts $10M bounty on three Russians accused of attacking critical infrastructure Feedly Summary: Seven-year-old Cisco vuln that remains inexplicably unpatched is their way in The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America’s…

Cloud Blog: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)

Sep 3, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability/ Source: Cloud Blog Title: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690) Feedly Summary: Written by: Rommel Joven, Josh Fleischer, Joseph Sciuto, Andi Slok, Choon Kiat Ng In a recent investigation, Mandiant Threat Defense discovered an active ViewState deserialization attack affecting Sitecore deployments leveraging sample machine keys that had been exposed in…

The Cloudflare Blog: The impact of the Salesloft Drift breach on Cloudflare and our customers

—

by

Source URL: https://blog.cloudflare.com/response-to-salesloft-drift-incident/ Source: The Cloudflare Blog Title: The impact of the Salesloft Drift breach on Cloudflare and our customers Feedly Summary: An advanced threat actor, GRUB1, exploited the integration between Salesloft’s Drift chat agent and Salesforce to gain unauthorized access to Salesforce tenants of Cloudflare and many other companies. AI Summary and Description: Yes…

The Register: Zscaler latest victim of Salesloft Drift attacks, customer data exposed

—

by

Source URL: https://www.theregister.com/2025/09/02/zscaler_customer_data_drift_compromise/ Source: The Register Title: Zscaler latest victim of Salesloft Drift attacks, customer data exposed Feedly Summary: Joins Google, Palo Alto Networks in the ever-growing supply chain compromise Zscaler is the latest company to disclose some of its customers’ data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.……

The Register: Salesforce sacrifices 4,000 support jobs on the altar of AI

—

by

Source URL: https://www.theregister.com/2025/09/02/salesforce_4000_jobs_ai/ Source: The Register Title: Salesforce sacrifices 4,000 support jobs on the altar of AI Feedly Summary: Benioff boasts bots now handle half of customer chats as doubts over reliability linger Speaking ahead of Labor Day – celebrated in the US to recognize the nation’s labor movement – Salesforce CEO and co-founder Marc…

The Register: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

—

by

Source URL: https://www.theregister.com/2025/09/02/exposed_ollama_servers_insecure_research/ Source: The Register Title: In the rush to adopt hot new tech, security is often forgotten. AI is no exception Feedly Summary: Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks Cisco’s Talos security research team has found over 1,100 Ollama servers exposed to the public internet,…

The Register: WhatsApp warns of ‘attack against specific targeted users’

Sep 1, 2025

—

by