-
New findings from Lares Labs underscore the importance of realistic threat emulation exercises that mirror the sophisticated tactics of the Scattered Spider APT group. By integrating real-world incident data into controlled simulations, organizations can proactively assess defenses across networks, endpoints, and cloud environments, bolstering resilience against advanced persistent threats. Lares’s research centers on recreating the […] The post New Research Highlights Emulating Tactics of Scattered Spider in Realistic Scenarios appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated data exfiltration campaign targeting corporate Salesforce instances has exposed sensitive information from multiple organizations through compromised OAuth tokens associated with the Salesloft Drift third-party application. The threat actor, designated as UNC6395, systematically harvested credentials and sensitive data between August 8-18, 2025, demonstrating advanced operational security awareness while executing SOQL queries across numerous Salesforce […] The post Salesloft Drift Hacked to Steal OAuth Tokens and Exfiltrate from Salesforce Corporate Instances appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Major French retail chain Auchan announced on August 21, 2025, that it suffered a significant cybersecurity incident resulting in the unauthorized access and theft of personal data from “several hundred thousand” customer loyalty accounts. The breach represents another critical example of retail sector vulnerabilities to Advanced Persistent Threats (APTs) targeting customer databases containing Personally Identifiable […] The post French Retailer Auchan Cyberattack – Thousands of Customers Personal Data Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malvertising campaign using sponsored results on Microsoft’s search platform delivered a weaponized PuTTY that established persistence, enabled hands-on keyboard control, and executed Kerberoasting to target Active Directory service accounts. According to an investigation published by LevelBlue’s MDR SOC and corroborated by independent research tracking Oyster/Broomstick backdoor activity tied to trojanized admin tools distributed via […] The post Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive coordinated scanning campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with threat actors deploying over 30,000 unique IP addresses to probe for vulnerabilities in Microsoft RD Web Access and RDP Web Client authentication portals. The campaign represents one of the largest coordinated RDP reconnaissance operations observed in recent years, signaling potential preparation for […] The post Hackers Actively Scanning to Exploit Microsoft Remote Desktop Protocol Services From 30,000+ IPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel adaptation of the ClickFix social engineering technique has been identified, leveraging invisible prompt injection to weaponize AI summarization systems in email clients, browser extensions, and productivity platforms. By embedding malicious step-by-step instructions within hidden HTML elements—using CSS obfuscation methods such as zero-width characters, white-on-white text, tiny font sizes, and off-screen positioning—attackers can poison […] The post Threat Actors Weaponizes AI Generated Summaries With Malicious Payload to Execute Ransomware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unfolded in five distinct waves between August 6 and August 12, 2025, and weaponized the trusted educational platform to bypass conventional security filters. The […] The post Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Chinese national has been sentenced to four years in federal prison for orchestrating a sophisticated insider cyberattack against his former employer’s global network infrastructure. Davis Lu, 55, utilized his privileged access as a software developer to deploy destructive malware that crippled operations across thousands of users worldwide, demonstrating the severe risks posed by malicious […] The post Chinese Hacker Jailed for Deploying Kill Switch on Ohio-based Key Company’s Global Network appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A 20-year-old Florida man, identified as a key member of the prolific cybercrime group “Scattered Spider,” was sentenced to 10 years in federal prison today. Noah Michael Urban of Palm Coast, Fla., was also ordered to pay approximately $13 million in restitution to the victims of his schemes. In April 2025, Urban pleaded guilty to […] The post First Member of ‘Scattered Spider’ Hackers Group Sentenced to 10 Years appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
