Category: Data Breaches

Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place.
For CISOs and security leaders like you, the challenge is clear: you don’t want to slow AI adoption down, but you must make it safe. A policy sent company-wide will not cut it.

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.
The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked by Google Threat Intelligence Group and Mandiant, tracked as UNC6395.
“Beginning as early as

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025.
These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government across local, municipal, and federal levels. The threat intelligence firm is tracking the activity under

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell.
The activity has been codenamed ZipLine by Check Point Research.
“Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners.
The large-scale cybercrime campaign, first detected in August 2025, has been codenamed ShadowCaptcha by the Israel National

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages.
“A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store.
“Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices,” the company said. “This creates crucial accountability, making it much harder for

Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of firewalls and patches—it’s about strategy. The strongest organizations aren’t the ones with the most tools, but the ones that see how cyber risks connect to business

Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise networks, helping organizations identify and respond to potential attacks in real time. However, the new Picus Blue Report 2025, based on over 160 million real-world attack simulations, revealed that organizations are only detecting 1 out of 7 simulated attacks,

The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities.
“Initial access is achieved through spear-phishing emails,” CYFIRMA said. “Linux BOSS environments are targeted via weaponized .desktop