A ransomware attack on financial software provider Marquis was traced to stolen configuration data from SonicWall's cloud portal, not a…
Read More »Mandiant
Entity category: organization
Open-source tools like OpenAEV and StackRox provide robust security solutions, enabling comprehensive adversary simulations and specialized Kubernetes security for diverse…
Read More »
A critical WinRAR vulnerability (CVE-2025-8088) is being actively exploited by state-sponsored and criminal hackers, despite a patch being available for…
Read More »
The cybersecurity landscape in 2026 will be defined by the weaponization of AI, leading to faster, more adaptive, and harder-to-detect…
Read More »
Mandiant has released a free, public database that can crack passwords protected by the outdated NTLMv1 hash algorithm in under…
Read More »
Google's Mandiant unit released AuraInspector, an open-source tool to audit data access paths in Salesforce Experience Cloud, focusing on the…
Read More »
Salesforce disclosed a security incident involving Gainsight applications, with unauthorized access likely starting on November 8 and suspicious activity detected…
Read More »
A cybersecurity incident involving Gainsight's Salesforce connector potentially exposed customer data, prompting Salesforce to revoke access and remove Gainsight apps…
Read More »
Salesforce detected unauthorized API calls from non-whitelisted IPs via the Gainsight Connected App, prompting immediate security actions to protect customer…
Read More »
Salesforce is investigating a security incident involving unauthorized access to customer data through Gainsight app integrations, leading to revoked tokens…
Read More »
Cybersecurity demands constant vigilance against evolving threats like zero-day exploits and requires organizations to adopt layered defense strategies that combine…
Read More »
Logitech confirmed a data breach by the Clop ransomware group, involving stolen information from Oracle E-Business Suite systems, as disclosed…
Read More »
A critical security flaw (CVE-2025-12480) in Gladinet Triofox allows unauthenticated attackers to bypass access controls and gain administrative privileges, which…
Read More »
A critical security vulnerability (CVE-2025-12480) in Gladinet's Triofox platform allows attackers to execute malicious code by exploiting improper access control…
Read More »
A state-sponsored threat actor breached SonicWall's cloud backup service using brute-force techniques, accessing all stored backup files through an API…
Read More »
State-sponsored hackers breached SonicWall's cloud environment in September, accessing firewall configuration backup files via an API call, but no products,…
Read More »
Nozomi Networks has upgraded its Arc platform to include automated threat prevention for operational technology, enabling active defense of critical…
Read More »
Nozomi Networks has launched automated threat prevention in its Nozomi Arc platform, providing the industry's first safe, automated response solution…
Read More »
CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and…
Read More »
The Clop ransomware gang breached Envoy Air's Oracle E-Business Suite, claiming responsibility and accusing the company of neglecting security, though…
Read More »