TransUnion Data Breach Compromises Over 4 Million Customers
In a significant data breach disclosed by TransUnion LLC, more than 4.4 million consumers had sensitive personal information compromised in late July 2025. The credit…
Month: August 2025
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address…
How to manage Active Directory security
Even after 25 years, Microsoft Active Directory (AD) remains the backbone of identity and access management in up to 90% of enterprise IT environments worldwide,…
UL NO. 436: Thoughts on the Future of AI & Societal Stability
Continue reading online to avoid the email cutoff issue > SECURITY | AI | MEANING :: Unsupervised Learning is my continuous stream of original ideas,…
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and…
Microsoft Teams Abused in Cyberattack Delivering PowerShell-Based Remote Access Malware
In a concerning development for enterprise security, cybercriminals have begun exploiting Microsoft Teams—long trusted as an internal messaging and collaboration tool—to deliver PowerShell-based malware and…
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Aug 29, 2025Ravie LakshmananCryptocurrency / Cybercrime Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that…
Salesloft Drift breach hits all integrations
Google: Salesloft Drift breach hits all integrations Pierluigi Paganini August 29, 2025 Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce.…
How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR?
Adversary-in-the-Middle (AiTM) attacks are among the most sophisticated and dangerous phishing techniques in the modern cybersecurity landscape. Unlike traditional phishing attacks that merely collect static…
New Mac Malware Dubbed “JSCoreRunner” Weaponizing PDF Conversion Site to Deliver Malware
A sophisticated new Mac malware campaign has emerged that exploits users’ trust in free online PDF conversion tools, demonstrating how cybercriminals continue to evolve their…
New Mac Malware Dubbed ‘JSCoreRunner’ Weaponizing PDF Conversion Site to Deliver Malware
A sophisticated new Mac malware campaign has emerged, targeting users through a deceptive PDF conversion website that conceals a dangerous two-stage payload. The malware, dubbed…
DPRK Remote Work Tactics: Leveraging Code-Sharing Platforms
DPRK IT workers have leveraged popular code-sharing platforms such as GitHub, CodeSandbox, and Medium to cultivate convincing developer portfolios and land remote positions under fabricated…