Scope of Salesforce Attacks Expands as Icarus Leaks Data
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
Klue's Battlecards is now the third integrated application that has been compromised to steal customers' Salesforce data, and victims include Huntress, the cybersecurity vendor.
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation supported by Microsoft.
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow.
Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.
Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim's computer.
Researchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.
Attackers are using credentials stolen via phishing websites that purport to be legitimate securities company homepages, duping victims and selling their stocks before they realize they've been hacked.
Customer data such as birth dates, credit card numbers and driver's license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.
The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn't seek a ransom payment from its victim.
After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.
A collaboration with the FBI and law-enforcement agencies in Europe, the UK, and Australia, Operation Magnus has seized servers and source code related to the two malware families, which have stolen data from millions of victims worldwide.
Consumers are victims of online scams and have their data stolen, but they are lagging on adopting security tools to protect themselves.
Since at least February, a threat actor has been attempting to extort victims by stealing or wiping data in their GitHub repositories.
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.
An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.
Russia's government is pretending to be other governments in emails, with an eye toward stealing strategic intel.
Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.