IT Security Newsletter - 9/16/2025
FBI warns about 2 campaigns targeting Salesforce instances
The FBI on Friday released an alert warning that two hacker groups have been targeting Salesforce instances for extortion and data theft. The groups, tracked as UNC6040 and UNC6395, have been identified in recent attacks using different methods of gaining initial access, according to the FBI. The alert includes indicators of compromise and additional guidance that can help security teams determine if they have been targeted and prevent future attacks. READ MORE...
Jaguar Land Rover extends shutdown after cyberattack by another week
Jaguar Land Rover (JLR) announced today that it will extend the production shutdown for another week, following a devastating cyberattack that impacted its systems at the end of August. JLR is a standalone entity under Tata Motors India, following its acquisition from Ford in 2008. JLR employs approximately 39,000 people, makes more than 400,000 vehicles each year, and has reported an annual revenue of over $38 billion (£29 billion). READ MORE...
'FileFix' attacks use fake Facebook security alerts to trick victims into running infostealers
An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader. FileFix is a variation on ClickFix, a newish type of social-engineering technique first spotted last year that tricks victims into running malware on their own devices using fake fixes and login prompts. These types of attacks have surged by 517 percent in the past six months, according to researchers at security software vendor ESET. READ MORE...
Grok, ChatGPT, other AIs happy to help phish senior citizens
If you are under the impression that cybercriminals need to get their hands on compromised AI chatbots to help them do their dirty work, think again. Some AI chatbots are just so user friendly that they can help the user craft phishing text, and even malicious HTML and JavaScript code. A few weeks ago we published an article about the actions Anthropic was taking to stop its Claude AI from helping cybercriminals launch a cybercrime spree. READ MORE...
Krebs on Security: Self-Replicating Worm Hits 180+ Software Packages
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from CrowdStrike, steals and publishes even more credentials every time an infected package is installed. The novel malware strain is being dubbed Shai-Hulud after the giant sandworms in Frank Herbert's Dune series. READ MORE...
KillSec Ransomware Hits Brazilian Healthcare Software Provider
The KillSec ransomware group has claimed its latest victim in Brazil and is threatening to leak sensitive healthcare data unless its ransom demand is met. The group attacked MedicSolution, a software provider for the healthcare industry in Brazil, and claimed responsibility on Sept. 8. The total volume of stolen data exceeds 34GB and contains more than 94,000 files, including lab results, X-rays, unredacted patient images, and records of minors, according to an investigation by Resecurity. READ MORE...
AI video surveillance could end privacy as we know it
AI-powered video surveillance brings up big questions about privacy. On one hand, it can make us feel safer, but on the other, it can easily cross the line into intrusion. The more we let technology watch and track our behavior, the harder it is to know where privacy stops and surveillance starts. The global video surveillance industry was valued at $73.75 billion in 2024 and is expected to reach $147.66 billion by 2030. Cameras are everywhere: in the streets, stores, and sports facilities. READ MORE...
Rowhammer Attack Demonstrated Against DDR5
A group of security researchers from the ETH Zurich university and Google have demonstrated a practical Rowhammer attack against DDR5. Dubbed Phoenix and tracked as CVE-2025-6202, the DDR5 Rowhammer attack was found to be effective against 15 devices from SK Hynix, the largest DRAM manufacturer. As part of a Rowhammer attack, a DRAM memory row is accessed repeatedly to cause electrical interference leading to bit flips in adjacent regions. READ MORE...
ChatGPT's Calendar Integration Can Be Exploited to Steal Emails
A new ChatGPT calendar integration can be abused to execute an attacker's commands, and researchers at AI security firm EdisonWatch have demonstrated the potential impact by showing how the method can be leveraged to steal a user's emails. EdisonWatch founder Eito Miyamura revealed over the weekend that his company has analyzed ChatGPT's newly added Model Context Protocol (MCP) tool support, which enables the gen-AI service to interact with a user's email, calendar, and more. READ MORE...
- ...in 1620, the Mayflower sails from Plymouth, England, bound for the New World with 102 passengers.
- ...in 1908, William C. Durant founds the General Motors Corporation.
- ...in 1949, Warner Bros. introduces the Road Runner in the cartoon short "Fast and Furry-ous."
- ...in 1966, the Metropolitan Opera House opens at Lincoln Center in New York City.