Salesloft GitHub Account Compromise Triggered Drift Supply‑Chain Breach, Mandiant Says Summary of the incident Salesloft has disclosed that the chain of events behind a data breach tied to its Drift application began with the compromise of a Salesloft GitHub account. Google-owned Mandiant, which investigated the incident, reported that the threat actor tracked as UNC6395 accessed…
Drift Breach and a Week of Active Zero‑Days: What Security Teams Must Do Now Overview — this week’s headlines Cybersecurity coverage this week was dominated by two interlocking themes: a high‑visibility breach involving the conversational marketing vendor Drift, and a wave of active zero‑day exploits prompting urgent patch warnings. Reporting and vendor advisories emphasized the…
SVG-based phishing campaign impersonates Colombian judiciary to deliver malware The campaign: what VirusTotal uncovered Security researchers at VirusTotal have identified a phishing campaign that hides malicious content inside Scalable Vector Graphics (SVG) files. The SVGs are designed to render convincing portal pages that impersonate Colombia’s judicial system, and they act as delivery mechanisms for malware.…
Microsoft Enforces MFA for Azure Portal Sign‑Ins Across All Tenants What Microsoft changed Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign‑ins across all tenants since March 2025. Microsoft has been enforcing multifactor authentication for Azure Portal sign‑ins across all tenants since March 2025. The change applies to interactive access to…
Critical SAP S/4HANA Code Injection Vulnerability Actively Exploited Overview: what has been observed Security researchers are reporting active exploitation of a critical code injection vulnerability in SAP S/4HANA, used by attackers to compromise internet-exposed systems. The flaw allows an attacker to inject and execute code on vulnerable S/4HANA instances, giving them a pathway to escalate…
Cloudflare Says It Mitigated a Record 11.5 Tbps Volumetric DDoS Attack What Cloudflare reported Cloudflare announced that its network automatically mitigated a volumetric distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps). In the same post the company said its systems had “autonomously blocked hundreds of hyper-volumetric DDoS attacks” over recent weeks,…
Hackers Breach Fintech Environment, Attempted $130M Theft via Brazil’s Pix Network What happened On 2 September 2025, security reporting indicated that attackers gained unauthorized access to the environment of Evertec’s Brazilian subsidiary, Sinqia S.A., and attempted to steal $130 million by exploiting connectivity to Brazil’s central bank real‑time payment system, Pix. “Hackers tried to steal…
Lazarus Group Uses PondRAT, ThemeForestRAT and RemotePE in Social‑Engineering Strike on DeFi Organization Summary of the observed campaign Security researchers at NCC Group’s Fox‑IT observed a social‑engineering campaign in 2024 that has been attributed to the North Korea‑linked actor known as the Lazarus Group. The campaign distributed three distinct pieces of cross‑platform malware — named…
Cloudflare Says It Mitigated Record 11.5 Tbps Volumetric DDoS Attack What Cloudflare reported Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps). Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits…
What is Data Loss Prevention (DLP)? The definition of Data Loss Prevention encompasses a set of practices and tools designed to prevent data leakage (also known as data exfiltration) due to intentional and unintentional misuse. These practices and tools include encryption, detection, preventive measures, educational pop-ups (for unintentional movements), and even machine learning to assess…