Amazon pays $2.5 billion to settle Prime memberships lawsuit
Amazon will pay $2.5 billion to settle claims by the U.S. Federal Trade Commission (FTC) that it used dark patterns to trick millions of users…
Latest Cybersecurity News — Page 1422
View all →Salesforce AI Agent Vulnerability Allows Let Attackers Exfiltration Sensitive Data
A critical vulnerability chain in Salesforce’s Agentforce AI platform, which could have allowed external attackers to steal sensitive CRM data. The vulnerability, dubbed ForcedLeak by Noma Labs,…
ZendTo Flaw Lets Attackers Bypass Security Controls to Access Sensitive Data
A critical vulnerability in the popular file-sharing tool ZendTo allows authenticated users to traverse system paths and access or modify sensitive files belonging to other…
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer
A Vietnamese hacking group known as Lone None is running an online scam campaign that has been active since at least November 2024. The campaign…
European Windows 10 users get an additional year of free security updates
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay…
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata Pierluigi Paganini September 25, 2025 Volvo North America disclosed a…
Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules
Department of Government Efficiency practices at three federal agencies “violate statutory requirements, creating unprecedented privacy and cybersecurity risks,” according to a report that Senate Homeland…
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. The first one…
Hackers Leverage GitHub Notifications to Mimic as Y Combinator to Steal Funds from Wallets
Cybercriminals have orchestrated a sophisticated phishing campaign exploiting GitHub’s notification system to impersonate the prestigious startup accelerator Y Combinator, targeting developers’ cryptocurrency wallets through fake…
When Airports Go Dark: What The Weekend’s Cyber-attacks Tell Us About Business Risk
Varun Uppal, founder and CEO of Shinobi Security Over the weekend, airports across Europe were thrown into chaos after a cyber-attack on one of their…
Cisco IOS/XE Vulnerability Allows Unauthorized Access to Confidential Data
Cisco released an advisory describing a high-severity vulnerability (CVE-2025-20160) in its IOS and IOS XE platforms. The flaw stems from improper validation of the TACACS+…
Salesforce AI Hack Enabled CRM Data Theft
Prompt injection and an expired domain could have been used to target Salesforce’s Agentforce platform for data theft. The attack method, dubbed ForcedLeak, was discovered…