cybersecurity
FinWise insider breach impacts 689K American First Finance customers
FinWise Bank is warning on behalf of corporate customers that it suffered a data breach after a former employee accessed sensitive files after the end of their employment. “On May 31, 2024, FinWise experienced a data security incident involving a former employee who accessed FinWise data after the end of their employment,” reads a data […]
Czech cyber agency warns against Chinese tech in critical infrastructure
The Czech Republic’s National Cyber and Information Security Agency (NUKIB) is instructing critical infrastructure organizations in the country to avoid using Chinese technology or transferring user data to servers located in China. The agency warned that these actions constitute a significant cybersecurity threat and should be entirely avoided unless there’s a reasonable justification for continuing […]
Murky Panda hackers exploit cloud trust to hack downstream customers
A Chinese state-sponsored hacking group known as Murky Panda (Silk Typhoon) exploits trusted relationships in cloud environments to gain initial access to the networks and data of downstream customers. Murky Panda, also known as Silk Typhoon (Microsoft) and Hafnium, is known for targeting government, technology, academic, legal, and professional services organizations in North America. The […]
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. In June, Google’s Threat Intelligence Group (GTIG) warned that threat actors tracked as UNC6040 were targeting Salesforce customers in social […]
UK launches vulnerability research program for external experts
UK’s National Cyber Security Centre (NCSC) has announced a new Vulnerability Research Initiative (VRI) that aims to strengthen relations with external cybersecurity experts. The agency already conducts internal vulnerability research on a wide range of technologies and will continue to do so. However, the launch of VRI will create a parallel program designed to improve […]
Man pleads guilty to hacking networks to pitch security services
A Kansas City man has pleaded guilty to hacking multiple organizations to advertise his cybersecurity services, the U.S. Department of Justice announced on Wednesday. 32-year-old Nicholas Michael Kloster was indicted last year for hacking into the networks of three organizations in 2024, including a health club and a Missouri nonprofit corporation. According to court documents, Kloster accessed the […]
Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added
Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces a restructured Kali Menu, upgraded desktop environments, 13 new tools, and significant Kali NetHunter advancements, including smartwatch Wi-Fi injection and a car hacking toolset. Here’s a concise look at the key […]
Zoomcar discloses security breach impacting 8.4 million users
Zoomcar Holdings (Zoomcar) has disclosed that unauthorized accessed its system led to a data breach impacting 8.4 million users. The incident was detected on June 9, after a threat actor emailed company employees alerting them of a cyberattack. Although there has been no material disruption to services, the company’s internal investigation confirmed that sensitive data […]
SentinelOne shares new details on China-linked breach attempt
SentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm. SentinelOne is an American endpoint protection (EDR/XDR) solutions provider that protects critical infrastructure in the country and numerous large enterprises. It is a high-value target for […]
Old AT&T data leak repackaged to link SSNs, DOBs to 49M phone numbers
A threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates to individual users. AT&T told GeekFeed that they are investigating the data but also believe it originates from the known breach and was repackaged into […]