-
Cybersecurity firm Zscaler has disclosed a data breach affecting customer contact information after unauthorized actors gained access to the company’s Salesforce database through compromised third-party application credentials. The breach origina…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Wireshark team has rolled out version 4.4.9, a maintenance release for the world’s most popular network protocol analyzer. This update focuses on stability and reliability, delivering a series of important bug fixes and enhancing support for several existing protocols. The new version is now available for all supported platforms, including Windows, macOS, and Linux. […] The post Wireshark 4.4.9 Released With Fix For Critical Bugs and Updated Protocol Support appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A group claiming to be a coalition of hackers has reportedly issued an ultimatum to Google, threatening to release the company’s databases unless two of its employees are terminated. The demand, which appeared in a Telegram post, specifically named Austin Larsen and Charles Carmakal, both members of Google’s Threat Intelligence Group. According to a post […] The post Hackers Reportedly Demand Google Fire Two Employees, Threaten Data Leak appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The telecommunications landscape is facing an unprecedented crisis as SIM swapping attacks surge to alarming levels, with the United Kingdom alone reporting a staggering 1,055% increase in incidents during 2024, jumping from just 289 cases in 2023 to nearly 3,000 cases. This explosive growth in telecommunications fraud has prompted urgent calls for enhanced security measures, […] The post SIM Swapping Attacks on the Rise – How eSIM can Make SIM Swapping Harder appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for all accounts signing in to the Azure portal and related administrative centers. The policy, first introduced in 2024, aims to dramatically reduce account compromise by enforcing an additional layer of identity verification across Azure and […] The post Microsoft To Mandate MFA for Accounts Signing In to the Azure Portal appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered critical security vulnerability in the Next.js framework, designated CVE-2025-29927, poses a significant threat to web applications by allowing malicious actors to completely bypass authorization mechanisms. This vulnerability arises from improper handling of the x-middleware-subrequest header within Next.js middleware execution, potentially exposing sensitive administrative areas and protected resources to unauthorized access. The vulnerability […] The post Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel phishing campaign emerged in late August 2025 that specifically targeted hoteliers and vacation rental managers through malicious search engine advertisements. Rather than relying on mass email blasts or social media lures, attackers purchased sponsored ads on platforms such as Google Search, typosquatting legitimate service providers’ names to redirect unsuspecting users. By mimicking brands […] The post New Large-Scale Phishing Attacks Targets Hotelier Via Ads to Gain Access to Property Management Tools appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MediaTek today published a critical security bulletin addressing several vulnerabilities across its latest modem chipsets, urging device OEMs to deploy updates immediately. The bulletin, issued two months after confidential OEM notification, confirms that no known in-the-wild exploits have been detected to date. Key Takeaways1. MediaTek patched high- and medium-severity modem and firmware bugs across 60+ […] The post MediaTek Security Update – Patch for Multiple Vulnerabilities Across Chipsets appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the company’s food delivery and service robots. The vulnerability, which went unaddressed for weeks despite repeated respon…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Salesforce today unveiled its comprehensive Forensic Investigation Guide, equipping organizations with best practices, log analysis techniques, and automation workflows to detect and respond to sophisticated security breaches rapidly. To reconstruct attack timelines and assess data exposure, the guide emphasizes three primary information sources: Activity Logs, User Permissions, and Backup Data. Key Takeaways1. Salesforce’s new Forensic […] The post Salesforce Releases Forensic Investigation Guide Following Chain of Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
