Tag: monitoring

Source URL: https://www.docker.com/blog/docker-acquires-mcp-defender-ai-agent-security/ Source: Docker Title: Docker Acquisition of MCP Defender Helps Meet Challenges of Securing the Agentic Future Feedly Summary: Docker, Inc.®, a provider of cloud-native and AI-native development tools, infrastructure, and services, today announced the acquisition of MCP Defender, a company founded to secure AI applications. The rapid evolution of AI-from simple generative…

The Cloudflare Blog: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1

Sep 4, 2025

—

by

Source URL: https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ Source: The Cloudflare Blog Title: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 Feedly Summary: Unauthorized TLS certificates were issued for 1.1.1.1 by a Certification Authority without permission from Cloudflare. These rogue certificates have now been revoked. AI Summary and Description: Yes Summary: The text describes a serious incident involving…

The Register: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs

Sep 3, 2025

—

by

Source URL: https://www.theregister.com/2025/09/03/hexstrike_ai_citrix_exploits/ Source: The Register Title: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Feedly Summary: LLMs and 0-days – what could possibly go wrong? Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check…

Cloud Blog: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)

Sep 3, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability/ Source: Cloud Blog Title: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690) Feedly Summary: Written by: Rommel Joven, Josh Fleischer, Joseph Sciuto, Andi Slok, Choon Kiat Ng In a recent investigation, Mandiant Threat Defense discovered an active ViewState deserialization attack affecting Sitecore deployments leveraging sample machine keys that had been exposed in…

Bulletins: Vulnerability Summary for the Week of August 25, 2025

—

by

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-245 Source: Bulletins Title: Vulnerability Summary for the Week of August 25, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Online Project Report Submission and Evaluation System A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown…

The Cloudflare Blog: The impact of the Salesloft Drift breach on Cloudflare and our customers

—

by

Source URL: https://blog.cloudflare.com/response-to-salesloft-drift-incident/ Source: The Cloudflare Blog Title: The impact of the Salesloft Drift breach on Cloudflare and our customers Feedly Summary: An advanced threat actor, GRUB1, exploited the integration between Salesloft’s Drift chat agent and Salesforce to gain unauthorized access to Salesforce tenants of Cloudflare and many other companies. AI Summary and Description: Yes…

The Register: Zscaler latest victim of Salesloft Drift attacks, customer data exposed

—

by

Source URL: https://www.theregister.com/2025/09/02/zscaler_customer_data_drift_compromise/ Source: The Register Title: Zscaler latest victim of Salesloft Drift attacks, customer data exposed Feedly Summary: Joins Google, Palo Alto Networks in the ever-growing supply chain compromise Zscaler is the latest company to disclose some of its customers’ data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.……

The Register: Stolen OAuth tokens expose Palo Alto customer data

—

by

Source URL: https://www.theregister.com/2025/09/02/stolen_oauth_tokens_expose_palo/ Source: The Register Title: Stolen OAuth tokens expose Palo Alto customer data Feedly Summary: Security firm’s Salesforce instance accessed using credentials stolen from Salesloft’s Drift platform breach Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft…

Unit 42: Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances

—

by