IT Security Newsletter - 9/26/2025
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The Cybersecurity and Infrastructure Security Agency acknowledged it's yet to get a complete handle on the scope and impact of attacks involving Cisco zero-day vulnerabilities that prompted it to release an emergency directive Thursday. The attack timeline dates back almost a year, according to an investigation Cisco and federal authorities did behind the scenes to identify the root cause and then coordinate the issuance of patches to address software defects under active exploitation. READ MORE...
Volvo North America confirms staff data stolen following ransomware attack on IT supplier
Volvo North America is the latest large organization to announce attackers accessed employee data after a ransomware attack struck its HR system provider. It told staff recently that their first and last names, along with their social security numbers, were hit when cybercriminals raided Swedish software slinger Miljödata in August. According to a disclosure [PDF] filed with the Massachusetts Attorney General's office, the attack on Miljödata occurred on August 20. READ MORE...
Unofficial Postmark MCP npm silently stole users' emails
An npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single line of code to exfiltrate all its users' email communication. The malicious package was a perfect replica of the authentic one in terms of code and description, appearing as an official port on npm for 15 iterations. Model Context Protocol (MCP) is an open standard that allows AI assistants to interface with external tools, APIs, and databases. READ MORE...
North Korea's Fake Recruiters Feed Stolen Data to IT Workers
The North Korean threat actor behind the DeceptiveDevelopment campaign is supplying stolen developer information to the country's horde of fraudulent IT workers, ESET reports. Initially detailed in February but ongoing since at least 2023, the DeceptiveDevelopment campaign targets developers associated with cryptocurrency and decentralized finance projects with fake job offers aimed at information theft and malware infection. READ MORE...
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. The vendor disclosed the flaw on September 18, but the company had learned about it a week earlier, and did not share any details on how it was discovered or if it was being exploited. CVE-2025-10035 is a deserialization vulnerability in the License Servlet of the GoAnywhere managed file transfer software. READ MORE...
Salesforce AI Agents Forced to Leak Sensitive Data
Salesforce Web forms can be manipulated by the company's "Agentforce" autonomous agent into exfiltrating customer relationship management (CRM) data - a concerning development as legacy software-as-a-service (SaaS) providers race to integrate agentic AI into their platforms to zhuzh up the user experience and generate buzz among investors. Agentforce is an agentic AI platform built into the Salesforce ecosystem, which allows users to spin up autonomous agents for most conceivable tasks. READ MORE...
- ...in 1774, legendary conservationist and missionary John Chapman, aka "Johnny Appleseed", was born in Leominster, MA.
- ...in 1960, the first-ever televised presidential debate takes place between candidates Richard M. Nixon and John F. Kennedy.
- ...in 1966, the first Chevrolet Camaro appeared.
- ...in 1969, the last studio album by the Beatles, "Abbey Road", is released.