Exetel fined $694k over system ‘vulnerability’ in mobile number porting
Exetel has been penalised $694,000 after scammers were able to port mobile numbers to the telco and use them to steal hundreds of thousands of…
Latest Cybersecurity News — Page 1633
View all →The Third Limitation to Creativity
I just wrote a new piece about the two primary limitations to creativity. You should check it out. But after finishing it I realized there…
Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent
Google Threat Intelligence Group warned about a “widespread data theft campaign” that compromised hundreds of Salesforce customers over a 10-day span earlier this month. According…
Google to Add New Layer of Developer Verification to Distribute Apps on Play Store
Android’s open ecosystem has been both its greatest strength and a persistent security challenge. While sideloading offers developers and users unparalleled freedom, it has also…
Citrix fixed three NetScaler flaws, one of them actively exploited in the wild
Citrix fixed three NetScaler flaws, one of them actively exploited in the wild Pierluigi Paganini August 26, 2025 Citrix addressed three vulnerabilities in NetScaler ADC…
MCPs are just other people’s prompts and other people’s APIs
I’ve been thinking about Model Context Protocols (MCPs) for months, and here’s the simplest way to explain what they actually are: MCPs are other people’s…
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments…
CISA Adds Citrix Vulnerabilities To KEV As New Flaws Emerge
The U.S. Cybersecurity and Information Security Agency (CISA) has added two Citrix vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog just as new Citrix vulnerabilities…
New Attack Targeting ScreenConnect Cloud Administrators to Steal Login Credentials
A sophisticated credential harvesting campaign has emerged targeting ScreenConnect cloud administrators with spear phishing attacks designed to steal super administrator credentials. The ongoing operation, designated…
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT)…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
Aug 26, 2025Ravie LakshmananVulnerability / Mobile Security A team of academics has devised a novel attack that can be used to downgrade a 5G connection…
First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption
A new ransomware has been identified, which is believed to be the first-ever ransomware strain that leverages a local AI model to generate its malicious…