Live Feeds
-

Google: Data of two hundred Salesforce customers stolen via Gainsight apps
A major cyberattack has resulted in the theft of data from over 200 Salesforce customers, stemming from compromised Gainsight applications. The group claiming responsibility is known as “Scattered Lapsus$ Hunters,” also identified as UNC6040 by Google’s Mandiant team.
-

AI-Based Obfuscated Malware Evades AV Detection
Malicious Android applications use AI-powered obfuscation to bypass antivirus detection. These apps mimic delivery services, steal user data, and employ sophisticated evasion techniques. Security analysts identified advanced obfuscation, making reverse engineering difficult.
-

ShadowRay 2.0: Ray AI Flaw Exploited for Cryptomining
ShadowRay 2.0 exploits a Ray AI flaw, creating a self-spreading GPU cryptomining botnet. Attackers exploit unpatched vulnerabilities and use GitLab and GitHub to distribute malware and hijack computing power.
-

German Firms Pioneer Mobile 3D Printing for Field Use
German firms NextFab and KMW develop a mobile 3D printing system for rapid deployment, revolutionizing military logistics and disaster response with on-site manufacturing of critical components.
-

Ukraine Mass Produces Octopus Drone Interceptors
Ukraine begins mass production of Octopus drone interceptors to counter Iranian-made Shahed drones, enhancing aerial defense and safeguarding infrastructure.
-

SpearSpecter — Iranian-linked APT42 uses WhatsApp lures and PowerShell backdoor
INDA analysis shows APT42’s SpearSpecter uses WhatsApp lures and a modular PowerShell backdoor that targets officials and family members; detection steps and IOCs are included in the report.
-

GTG-1002: AI-assisted espionage campaign abused an AI coding tool
A campaign tracked as GTG-1002 used an AI coding tool to automate reconnaissance, vulnerability validation, and exploit generation against roughly 30 organizations. The attackers relied on commodity tools rather than bespoke malware, making detection possible with standard defenses. Defenders should gate high-risk actions, verify AI outputs, and prioritize patching.
-

What is EPSS? Exploit Prediction Scoring System
Explainer: what EPSS is and how teams use it to prioritize vulnerabilities.
-

What is OpenID Connect (OIDC)? — Explainer tied to CVE-2025-54603
A concise explainer of OpenID Connect (OIDC) and how product-level OIDC misimplementations (as in CVE-2025-54603) can lead to authentication bypasses.
-

What is GlobalProtect? Palo Alto Networks VPN Gateway Explained
GlobalProtect is Palo Alto Networks’ enterprise remote access gateway. This explainer covers how it works, why it matters, and the security considerations organizations should understand about CVE-2024-3400 and enterprise VPN security.