Latest news as of 11/17/2025, 1:17:18 AM
The Register
570GB of data claimed to be stolen by the Crimson Collective A hacking crew claims to have broken into Red Hat's private GitHub repositories, exfiltrating some 570GB of compressed data, including sensitive documents belonging to customers. …
Dark Reading
In a clever, messed-up twist on brand impersonation, attackers are passing off their spyware as a notorious UAE government surveillance app.
Bleeping Computer
Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems [...]
Bleeping Computer
Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems [...]
Graham Cluley
Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed "ForcedLeak", let them smuggle AI-read instructions in via humble Web-to-Lead form... and ended up spilling data for the low, low price of five dollars. And we discuss why data breach communicationss still default to "we take security seriously" while quietly implying "assume no breach" - until the inevitable walk-back. Plus, we take a look at ITV's phone-hacking drama with David Tennant, and take a crack at decoding the history of the Rosetta Stone. Hear all this and more in episode 437 of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley, joined this week by special guest Paul Ducklin.
Dark Reading
Mandiant provided proactive defenses against UNC6040's social engineering attacks that have led to several Salesforce breaches.
Dark Reading
Lapse of critical information sharing and mass furloughs at CISA are just some of the concerns.
Bleeping Computer
A ransomware attack at Motility Software Solutions, a provider of dealer management software (DMS), has exposed the sensitive data of 766,000 customers. [...]
Graham Cluley
Most of the apps on your phone is talking to a server somewhere - sending and receiving data through messages sent through APIs, the underlying infrastructure that allows apps to communicate. And here's the problem - hackers have determined that the APIs of mobile apps, when left visible and exploitable, can be a goldmine. Read more in my article on the Fortra blog.
Bleeping Computer
Adobe is warning its Analytics customers that an ingestion bug caused data from some organizations to appear in the analytics instances of others for approximately one day. [...]