Pierluigi Paganini
August 28, 2025
Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers investigate a large-scale data theft campaign carried out to hack the sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat […]
Pierluigi Paganini
August 27, 2025
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to the vulnerability CVE-2025-7775, which is under active exploitation. CVE-2025-7775Â (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service. […]
Pierluigi Paganini
August 27, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler flaw, tracked as CVE-2025-7775, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it […]
Pierluigi Paganini
August 27, 2025
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified. In 2024, Healthcare Services Group suffered a data breach that impacted over 624,496 people, as per notification sent to the Maine Attorney General’s Office. Healthcare Services Group, Inc. (HCSG) is a U.S.-based company that provides housekeeping, laundry, […]
Pierluigi Paganini
August 27, 2025
The China-linked APT group UNC6384 targeted diplomats by hijacking web traffic to redirect it to a website that delivered malware. China-linked cyberespionage group UNC6384 targeted diplomats by hijacking web traffic to redirect to a website used to deliver malware, Google’s Threat Intelligence Group (GTIG) warns. Cyberspies hijacked a network’s captive portal using an advanced adversary-in-the-middle […]
Pierluigi Paganini
August 26, 2025
Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network. Farmers Insurance disclosed a data breach affecting 1,071,172 customers, linked to the recent wave of Salesforce attacks, as per Bleeping Computer. The company is an American insurer group of vehicles, homes and small businesses and also […]
Pierluigi Paganini
August 26, 2025
Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild. Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it said has been actively exploited in the wild. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed.” […]
Pierluigi Paganini
August 25, 2025
Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape […]
Pierluigi Paganini
August 25, 2025
APT36 uses Linux .desktop files in new attacks on Indian gov & defense, aiming for data theft and persistent espionage access. Transparent Tribe (aka APT36, Operation C-Major, and Mythic Leopard), a Pakistan-linked threat actor, is using Linux .desktop files to load malware in new attacks against government and defense entities in India. The APT group […]
Pierluigi Paganini
August 23, 2025
Kidney dialysis firm DaVita confirms ransomware breach exposed personal and health data of nearly 2.7M individuals. Kidney dialysis firm DaVita disclosed a data breach after a ransomware attack, the incident exposed personal and health information of nearly 2.7 million individuals. The number of impacted individuals reported by the Department of Health’s Office for Civil Rights […]
