⚠️ VULNERABILITY DISCLOSURE (4)
1 Sep: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft (KREBSONSECURITY.COM)
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them…
1 Sep: ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More (THEHACKERNEWS.COM)
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mix…
1 Sep: Black Hat Fireside Chat: API sprawl turns SMBs into prime targets; simple flaws invite breaches (LASTWATCHDOG.COM)
Cyber attackers don’t always need sophisticated exploits. Too often, they succeed by exploiting the basics. That’s the warning from Chris Wallis, founder and CEO of London-based Intruder, who sat down with Last Watchdog …
1 Sep: [PDF] Over 16,000 compromised servers uncovered using Secure Shell key probing method (SH.ITJUST.WORKS)
Submitted by Pro to cybersecurity; cross-posted from programming.dev/post/36708596
https://www.usenix.org/system/files/usenixsecurity25-munteanu.pdf
Attackers regularly use SSH (Secure SHell) to compromise systems, e.g., via brute-force attacks, esta…
🔥 INCIDENT REPORTING (2)
1 Sep: When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider (THEHACKERNEWS.COM)
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolv…
1 Sep: Giglio - 1,026,468 breached accounts (HAVEIBEENPWNED.COM)
In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the incident.
🕵️ THREAT INTELLIGENCE (2)
1 Sep: ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics (THEHACKERNEWS.COM)
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks a…
1 Sep: DDoS Dominate the Digital Battlefield: AI integration, persistent hacktivist campaigns, and nation-state actors weaponize DDoS attacks, creating unprecedented risks for organizations globally (SH.ITJUST.WORKS)
Submitted by Pro to cybersecurity; cross-posted from programming.dev/post/36689630
https://www.netscout.com/threatreport
Key Findings: 1. Geopolitical Events Trigger Unprecedented DDoS Campaigns: Major political events drove increased DDoS activity, …
🌐 CYBER THREAT LANDSCAPE (1)
1 Sep: Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans (THEHACKERNEWS.COM)
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, also distribute simpler malware such as SMS stealers and basic spyware. These campaigns are propagated via d…
📡 INFOSEC NEWS (2)
1 Sep: Hacker suspected of trying to cheat his way into university is arrested in Spain (BITDEFENDER.COM)
Spanish police have arrested a suspected hacker for accessing a government website in order to alter the high school and university entrance exam grades of not only himself, but also some of his closest classmates. Read more in my article on the Hot for Security blog.
1 Sep: What are money mules, and how to avoid accidentally becoming one | Kaspersky official blog (KASPERSKY.COM)
We explain in plain language what money mules are, how scammers trick ordinary folks with their schemes, and the consequences.