Exposed MongoDB instances still targeted in data extortion attacks
A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. [...]
Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI GiantArtificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.
Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments and exfiltrate data. The ShinyHunters extortion group claims responsibility for these additional Salesforce attacks. [...]
The attack highlights growing interest among threat actors to target data from software-as-a-service providers.
The innovative ransomware targets NAS devices, has a multitiered payment and extortion scheme as well as a flexible configuration, and takes a heavily automated approach.