Tech News FREE Phone 0800 210 013 Tech NewsGoogle Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations August 29, 2025Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. "We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised," Google Threat […]TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies August 29, 2025Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. "The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef," Truesec researchers Mattias Wåhlén, NicklasResearchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names August 28, 2025Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named "ahbanC.shiba" that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide August 28, 2025The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. "While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) andWebinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec August 28, 2025Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right? In 2025, the average […]Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them August 28, 2025Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million […]Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials August 28, 2025The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. "Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans […]U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits August 28, 2025The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime's weapons of mass destruction and ballistic missile programs. "The North Korean […]
