stealing – Experimental News Clipping Site

Krebs on Security: ShinyHunters Wage Broad Corporate Extortion Spree

Oct 7, 2025

—

by

Source URL: https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ Source: Krebs on Security Title: ShinyHunters Wage Broad Corporate Extortion Spree Feedly Summary: A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they…

Cloud Blog: Cloud CISO Perspectives: Boards should be ‘bilingual’ in AI, security to gain advantage

Sep 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-boards-should-be-bilingual-AI-security-gain-advantage/ Source: Cloud Blog Title: Cloud CISO Perspectives: Boards should be ‘bilingual’ in AI, security to gain advantage Feedly Summary: Welcome to the second Cloud CISO Perspectives for September 2025. Today, Google Cloud COO Francis deSouza offers his insights on how boards of directors and CISOs can thrive with a good working relationship,…

The Register: Google warns China-linked spies lurking in ‘numerous’ enterprises since March

Sep 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/24/google_china_spy_report/ Source: The Register Title: Google warns China-linked spies lurking in ‘numerous’ enterprises since March Feedly Summary: Mandiant CTO anticipates ‘hearing about this campaign for the next one to two years’ Unknown intruders – likely China-linked spies – have broken into “numerous" enterprise networks since March and deployed backdoors, providing access for their…

Simon Willison’s Weblog: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

Sep 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Sep/19/notion-lethal-trifecta/ Source: Simon Willison’s Weblog Title: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Feedly Summary: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Abi Raghuram reports that Notion 3.0, released yesterday, introduces new prompt injection data exfiltration vulnerabilities…

Krebs on Security: Self-Replicating Worm Hits 180+ Software Packages

Sep 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/ Source: Krebs on Security Title: Self-Replicating Worm Hits 180+ Software Packages Feedly Summary: At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages…

The Register: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand

Sep 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/11/voidproxy_phishing_service/ Source: The Register Title: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand Feedly Summary: Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens…

Krebs on Security: 18 Popular Code Packages Hacked, Rigged to Steal Crypto

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/ Source: Krebs on Security Title: 18 Popular Code Packages Hacked, Rigged to Steal Crypto Feedly Summary: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The…

Slashdot: Hackers Threaten To Submit Artists’ Data To AI Models If Art Site Doesn’t Pay Up

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/09/02/1936245/hackers-threaten-to-submit-artists-data-to-ai-models-if-art-site-doesnt-pay-up?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Hackers Threaten To Submit Artists’ Data To AI Models If Art Site Doesn’t Pay Up Feedly Summary: AI Summary and Description: Yes Summary: The ransomware attack by LunaLock presents a significant threat to data privacy and security, especially with its novel approach of threatening to submit stolen artwork to…

The Register: Salesforce data missing? It might be due to Salesloft breach, Google says

Aug 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/27/salesforce_salesloft_breach/ Source: The Register Title: Salesforce data missing? It might be due to Salesloft breach, Google says Feedly Summary: Attackers steal OAuth tokens to access third-party sales platform, then CRM data in ‘widespread campaign’ Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft…

The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

Tag: stealing