More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. The vulnerability affects NetScaler ADC and NetScaler Gateway and the vendor addressed it in updates released yesterday. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Citrix, the security issue has been exploited as a zero-day vulnerability. READ MORE...
A threat group has committed a spate of data breaches of organizations' Salesforce instances by compromising OAuth tokens associated with the Salesloft Drift third-party application, Google has revealed. The activity appears to be unrelated to previous vishing attacks attributed to ShinyHunters that also led to breaches of the widely used CRM service across multiple companies. READ MORE...
Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States, with BleepingComputer learning the data was stolen from it's Salesforce account. TransUnion is one of the three major credit bureaus in the United States, alongside Equifax and Experian. It operates in 30 countries, employs 13,000 staff, and has an annual revenue of $3 billion. READ MORE...
Nearly three-quarters (73%) of organizations have already integrated AI into their cybersecurity programs, but industries with critical physical safety concerns are among the least likely to have deployed it, according to a survey that the security firm Arctic Wolf released on Wednesday. The financial services industry led the way in implementing AI for security, with 82% of respondents in that sector saying they had done so. READ MORE...