Latest Intelligence
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Generative AI platforms like ChatGPT and others are becoming prevalent in organizations, enhancing efficiency but also introducing challenges related to data leak prevention. Sensitive information can be inadvertently shared through various means, raising concerns about security controls.
How attackers adapt to built-in macOS protection
The article examines the built-in protection mechanisms in macOS, detailing their functionality and how attackers may circumvent them or mislead users. It also discusses methods for detecting such attacks.
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios has released security updates for its Passwordstate software to address an authentication bypass vulnerability. This issue has not yet been assigned a CVE identifier and was fixed in the recent update, Passwordstate 9.9 (Build 9972), released on August 28, 2025.
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
The Sangoma FreePBX Security Team has alerted users to a zero-day vulnerability affecting FreePBX systems with exposed administrator control panels. An emergency patch has been released to address this critical security issue.
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Authorities from the Netherlands and the United States have successfully dismantled the VerifTools marketplace, which was involved in selling fake identity documents to cybercriminals globally. Despite this crackdown, the operators have reportedly relaunched the marketplace on a new domain.
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has warned that a recent breach involving Salesloft Drift and Salesforce is more extensive than initially believed, affecting all integrations connected to the Drift platform. Customers are advised to consider their authentication tokens as potentially compromised.
TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies
Researchers have identified a cybercrime campaign that utilizes malvertising to lead victims to fake sites where they download a trojanized PDF editor. This editor contains an information-stealing malware known as TamperedChef, which steals credentials and cookies.
CISA, FBI, NSA Warn of Chinese 'Global Espionage System'
Three federal agencies, CISA, FBI, and NSA, issued a global security advisory highlighting the significant threat from Chinese nation-state actors who are targeting network devices. This advisory underscores the need for heightened awareness and security measures against potential espionage activities.
Hackers Steal 4M+ TransUnion Customers' Data
Hackers have stolen data from over 4 million customers of TransUnion, a credit reporting agency. The breach was described as limited to specific data elements and did not involve credit reports or core credit information.
Akira, Cl0p Top List of 5 Most Active Ransomware-as-a-Service Groups
Flashpoint's 2025 midyear ransomware report identifies the top five most active ransomware-as-a-service groups, with Akira and Cl0p being highlighted as the most prolific. The report sheds light on the ongoing threat posed by these groups in the cybersecurity landscape.
1,000+ Devs Lose Their Secrets to an AI-Powered Stealer
A significant supply chain attack has resulted in the leakage of sensitive data from over 1,000 developers within hours. This incident highlights the growing sophistication of cyber threats targeting software development environments.
Dark Reading Confidential: A Guided Tour of Today's Dark Web
The article discusses the evolving landscape of the Dark Web and how various factors such as law enforcement, artificial intelligence, and nation-state activities are influencing cybercriminal behavior. Keith Jarvis from Sophos' Counter Threat Unit provides insights into these changes during a conversation with Dark Reading's Alex Culafi.
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Researchers have identified a vulnerability in the Visual Studio Code Marketplace that allows attackers to republish deleted extensions using the same names. This loophole poses a risk as malicious extensions can be disguised under familiar names, potentially deceiving users.
CISA's New SBOM Guidelines Get Mixed Reviews
CISA has updated its SBOM guidelines to enhance their utility for cyber defenders, but experts believe these changes do not fully address several critical needs in cybersecurity. The mixed reviews suggest that while progress has been made, more work is required to meet the demands of the field.
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
The advanced persistent threat actor Salt Typhoon, linked to China, has been targeting networks globally, particularly in sectors like telecommunications and military infrastructure. Their attacks exploit vulnerabilities in major products from Cisco, Ivanti, and Palo Alto, affecting around 600 organizations.