ESPHome Vulnerability Allows Unauthorized Access to Smart Devices
A critical authentication bypass flaw in ESPHome’s ESP-IDF web server component allows unauthorized users on the same local network to access and control smart devices…
Month: September 2025
Black Hat USA 2025 CISO Podcast Series Episode 4 Goes Live
The Black Hat USA 2025 CISO Podcast Series by The Cyber Express, in collaboration with Suraksha Catalyst, has released its highly anticipated fourth episode: “Maturing Your…
Palo Alto Networks disclose a data breach linked to Salesloft Drift incident
Palo Alto Networks disclose a data breach linked to Salesloft Drift incident Pierluigi Paganini September 02, 2025 Palo Alto Networks hit by Drift-linked supply-chain attack,…
Pentesting Plugin Ecosystems: Advanced Exploitation Guide
Add-on (or plugin) ecosystems unlock an entire new world of integration possibilities while also complementing the platform’s extensibility to developers. However, in practice, finding the…
Palo Alto Networks data breach exposes customer info, support cases
Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach…
Hackers Stole Customer Data from Salesforce Instances
Palo Alto Networks has confirmed that it was affected by a supply chain attack, resulting in the theft of customer data from its Salesforce instances.…
Palo Alto Networks Confirms Data Breach via Compromised Salesforce Instances
Cybersecurity vendor Palo Alto Networks disclosed that its Salesforce environment was breached through a compromised Salesloft Drift integration, marking the latest in a series of…
How Agentic AI is Reshaping the SOC
While the promise of agentic AI is compelling, its implementation in a Security operations center (SOC) faces challenges that must be addressed for successful and…
Tax refund scam targets Californians
The State of California Franchise Tax Board (FTB) recently issued a warning to taxpayers to protect themselves from tax scams. In their warning the FTB…
Pennsylvania AG Office says ransomware attack behind recent outage
The Office of the Pennsylvania Attorney General announced that a ransomware attack is behind the ongoing two-week service outage. In an official statement, Attorney General…
New ClickFix Attack Mimic as AnyDesk Leverages Windows Search to Drop MetaStealer
A novel variant of the ClickFix attack has recently emerged, masquerading as a legitimate AnyDesk installer to spread the MetaStealer infostealer. This campaign exploits a…
Bulk Domain Name Registration Could Pave The Way For Massive AI-Powered Cyberattack Infrastructures
Globally, cybercrime from AI and other sources of threats is projected to cost $10.5 trillion annually in 2025—a 250 percent increase from 2015. WhoisXML API, a…