Tag: unauthorized
-
CISA Warns of Commercial Spyware Targeting Signal and WhatsApp Users
Tags: access, advisory, attack, cisa, cyber, cybersecurity, exploit, infrastructure, mobile, spyware, threat, unauthorizedThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning that multiple cyber threat actors are actively exploiting commercial spyware to target users of popular mobile messaging applications, including Signal and WhatsApp. The advisory, published on November 24, 2025, highlights sophisticated attack techniques aimed at compromising victim accounts and gaining unauthorized access…
-
CISA Warns of Commercial Spyware Targeting Signal and WhatsApp Users
Tags: access, advisory, attack, cisa, cyber, cybersecurity, exploit, infrastructure, mobile, spyware, threat, unauthorizedThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning that multiple cyber threat actors are actively exploiting commercial spyware to target users of popular mobile messaging applications, including Signal and WhatsApp. The advisory, published on November 24, 2025, highlights sophisticated attack techniques aimed at compromising victim accounts and gaining unauthorized access…
-
Retail Finance Giant SitusAMC Hit by Breach Exposing Confidential Files
Tags: access, breach, corporate, cyber, data, data-breach, finance, security-incident, service, unauthorizedSitusAMC, a major player in the real estate and finance services sector, disclosed a significant data breach on November 12, 2025, that compromised sensitive corporate information. The incident resulted in unauthorized access to client accounting records, legal agreements, and potentially customer data, marking a serious security incident for the financial services provider. Investigation and Containment…
-
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Tags: access, cisa, cyber, cybersecurity, infrastructure, mobile, social-engineering, spyware, unauthorizedThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications.”These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, First…
-
New Shai-Hulud worm spreading through npm, GitHub
Tags: access, attack, authentication, automation, ciso, cloud, credentials, cybersecurity, data, data-breach, defense, dns, github, identity, login, malicious, malware, mfa, monitoring, network, open-source, phishing, resilience, sans, software, supply-chain, threat, unauthorized, worma thousand new GitHub repositories containing harvested victim data were being added every 30 minutes. And researchers at JFrog identified 181 compromised packages.The current campaign introduces a new variant, which Wiz researchers dub Shai-Hulud 2.0, that executes malicious code during the preinstall phase, “significantly increasing potential exposure in build and runtime environments.”The threat leverages…
-
Iberia Airlines Hit by Data Breach Exposing Customer Personal Details
Iberia LÃneas Aéreas de España has disclosed a significant security incident involving unauthorized access to systems operated by an external service provider. The breach has exposed sensitive personal information belonging to the airline’s customers, including names, email addresses, and Iberia Club loyalty program identification numbers. According to the airline’s official notification, the unauthorized access occurred…
-
Iberia Airlines Hit by Data Breach Exposing Customer Personal Details
Iberia LÃneas Aéreas de España has disclosed a significant security incident involving unauthorized access to systems operated by an external service provider. The breach has exposed sensitive personal information belonging to the airline’s customers, including names, email addresses, and Iberia Club loyalty program identification numbers. According to the airline’s official notification, the unauthorized access occurred…
-
Iberia Airlines Hit by Data Breach Exposing Customer Personal Details
Iberia LÃneas Aéreas de España has disclosed a significant security incident involving unauthorized access to systems operated by an external service provider. The breach has exposed sensitive personal information belonging to the airline’s customers, including names, email addresses, and Iberia Club loyalty program identification numbers. According to the airline’s official notification, the unauthorized access occurred…
-
Hackers Use Salesforce Gainsight Breach to Access Data from More Than 200 Companies
Tags: access, breach, cyber, data, data-breach, exploit, group, hacker, security-incident, threat, unauthorizedSalesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised Gainsight-published applications. The breach, detected in mid-November 2025, potentially exposed sensitive information from over 200 organizations that use the customer success platform integrated with Salesforce. Threat actors linked to the notorious ShinyHunters group exploited OAuth tokens to gain unauthorized access…
-
OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted
Tags: access, ai, api, attack, authentication, breach, ceo, cisco, ciso, cloud, data, data-breach, exploit, extortion, gitlab, google, group, infrastructure, injection, intelligence, leak, linkedin, mandiant, metric, monitoring, risk, saas, supply-chain, theft, threat, tool, unauthorized, vulnerabilityGoogle threat intelligence ties attack to ShinyHunters: The disclosure marks the latest chapter in an escalating pattern of attacks targeting OAuth tokens of trusted third-party SaaS integrations with Salesforce. According to Austin Larsen, principal threat analyst at Google Threat Intelligence Group, the campaign is tied to threat actors associated with ShinyHunters. This notorious extortion group…
-
OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted
Tags: access, ai, api, attack, authentication, breach, ceo, cisco, ciso, cloud, data, data-breach, exploit, extortion, gitlab, google, group, infrastructure, injection, intelligence, leak, linkedin, mandiant, metric, monitoring, risk, saas, supply-chain, theft, threat, tool, unauthorized, vulnerabilityGoogle threat intelligence ties attack to ShinyHunters: The disclosure marks the latest chapter in an escalating pattern of attacks targeting OAuth tokens of trusted third-party SaaS integrations with Salesforce. According to Austin Larsen, principal threat analyst at Google Threat Intelligence Group, the campaign is tied to threat actors associated with ShinyHunters. This notorious extortion group…
-
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. >>Salesforce has identified unusual activity involving Gainsight-published applications connected…
-
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. >>Salesforce has identified unusual activity involving Gainsight-published applications connected…
-
New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Salesforce believes there has been unauthorized access to its customers’ data through the Gainsight app’s connection to its platform First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-gainsight-supply-chain-hack/
-
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform.”Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection,” the company said in an advisory.The cloud services firm said it has taken the step of revoking all active access and refresh…
-
Salesforce cuts off access to third-party app after discovering ‘unusual activity’
Salesforce posted a message on its website saying an investigation revealed that the activity “may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection.” First seen on therecord.media Jump to article: therecord.media/salesforce-cuts-off-access-to-third-party-unusual-activity
-
Salesforce cuts off access to third-party app after discovering ‘unusual activity’
Salesforce posted a message on its website saying an investigation revealed that the activity “may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection.” First seen on therecord.media Jump to article: therecord.media/salesforce-cuts-off-access-to-third-party-unusual-activity
-
ShinyHunters Hack Salesforce Instances Via Gainsight Apps
Salesforce Revoked Gainsight Authentication Tokens. Customer relationship management giant Salesforce is again notifying customers that hackers may be stealing their data through a third-party app. The San Francisco company late Wednesday disclosed that apps published by Gainsight connected to Salesforce instances may have enabled unauthorized access. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/shinyhunters-hack-salesforce-instances-via-gainsight-apps-a-30087
-
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?
Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerabilityThe Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
-
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?
Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerabilityThe Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
-
NDSS 2025 Detecting And Interpreting Inconsistencies In App Behaviors
SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Jun Dai, Xiaoyan Sun (Department of Computer Science,…
-
NDSS 2025 Detecting And Interpreting Inconsistencies In App Behaviors
SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Jun Dai, Xiaoyan Sun (Department of Computer Science,…
-
API Security Essentials: A Comprehensive Checklist for Securing your API FireTail Blog
Tags: access, api, attack, authentication, breach, control, cyber, data, data-breach, defense, encryption, exploit, hacker, injection, malicious, network, open-source, penetration-testing, risk, risk-assessment, service, sql, threat, tool, unauthorized, vulnerabilityNov 19, 2025 – Alan Fagan – 1. Validating User Input One of the cornerstones of API security is to validate user input. Failing to do so accurately can lead to a security issues such as injection attacks and Cross-Site Scripting. When users send data to your API, no matter the type, it should be…
-
APIs, Microservices and Risk Management FireTail Blog
Tags: access, ai, api, attack, authentication, best-practice, breach, business, compliance, data, detection, encryption, endpoint, firewall, framework, GDPR, guide, injection, LLM, monitoring, network, programming, regulation, risk, risk-management, service, software, strategy, threat, tool, unauthorized, updateNov 19, 2025 – Alan Fagan – Although microservices are widespread, they are often misunderstood by business leaders. While they present substantial benefits, they also have the potential to introduce new risks into the API environment. Understanding the benefits and risks of microservice utilization is a major step towards effective product development, so today, we’re…
-
APIs, Microservices and Risk Management FireTail Blog
Tags: access, ai, api, attack, authentication, best-practice, breach, business, compliance, data, detection, encryption, endpoint, firewall, framework, GDPR, guide, injection, LLM, monitoring, network, programming, regulation, risk, risk-management, service, software, strategy, threat, tool, unauthorized, updateNov 19, 2025 – Alan Fagan – Although microservices are widespread, they are often misunderstood by business leaders. While they present substantial benefits, they also have the potential to introduce new risks into the API environment. Understanding the benefits and risks of microservice utilization is a major step towards effective product development, so today, we’re…
-
NDSS 2025 Understanding Miniapp Malware: Identification, Dissection, And Characterization
———– SESSION Session 3C: Mobile Security ———– ———– Authors, Creators & Presenters: Yuqing Yang (The Ohio State University), Yue Zhang (Drexel University), Zhiqiang Lin (The Ohio State University) ———– PAPER Understanding Miniapp Malware: Identification, Dissection, and Characterization Super apps, serving as centralized platforms that manage user information and integrate third-party miniapps, have revolutionized mobile computing…
-
Misconfigured AI Agents Let Attacks Slip Past Controls
AppOmni Finds Now Assist Agents Could Trigger Unauthorized Actions. ServiceNow’s Now Assist agents could be manipulated through second-order prompt injection, enabling unauthorized record changes and data exposure despite protections, shows new research from AppOmni. The issue stemmed from default configurations that allow agents to invoke each other. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/misconfigured-ai-agents-let-attacks-slip-past-controls-a-30068
-
CISA Alerts on Fortinet FortiWeb Vulnerability Exploited in Real-World Attacks
Tags: attack, cisa, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, injection, unauthorized, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical OS command injection vulnerability in Fortinet FortiWeb, warning that the flaw is actively being exploited in real-world attacks. The vulnerability, tracked as CVE-2025-58034, allows authenticated attackers to execute unauthorized code on affected systems through specially crafted HTTP requests or command-line interface…
-
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks.The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive First seen on thehackernews.com Jump to…