Cybersecurity - Insights Cybersecurity - News News News - Insights

TransUnion Confirms Data Breach Exposing 4.4 Million Customers’ Personal Information

TransUnion, one of the largest credit reporting agencies in the United States, has confirmed a major data breach that exposed the personal information of more than 4.4 million individuals.In a filing with the Maine Attorney General’s Office, the company revealed that the incident occurred on July 28 and was linked to unauthorized access of a third-party application used to manage customer support operations. The compromised system contained personal data belonging to U.S. consumers.Although TransUnion emphasized that “no credit data was accessed,” the company has not provided evidence to support this claim. Initial disclosures did not specify which categories of personal [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Malicious Nx Packages Exploited in ‘s1ngularity’ Supply Chain Attack, Leaking 2,349 Secrets

The maintainers of the popular Nx build system have disclosed a major supply chain attack in which threat actors managed to publish malicious versions of the Nx npm package and related plugins, embedding credential-stealing functionality. According to the advisory, these compromised packages contained code designed to scan local file systems, harvest credentials, and upload them to GitHub repositories under the victim’s own account. Nx, an open-source build platform known for its AI-first approach and broad adoption, sees more than 3.5 million weekly downloads. The attack was traced back to August 26, 2025, and impacted multiple versions of both the core [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Claude AI Exploited in Large-Scale Cybercrime Operation

Anthropic, the company behind the well-known AI coding assistant Claude, has revealed that the chatbot was misused to power a widespread extortion campaign. According to a recent Threat Intelligence report, cybercriminals leveraged Claude to automate and coordinate sophisticated attacks against multiple sectors. The report explains that: “Cyber threat actors leverage AI—using coding agents to actively execute operations on victim networks, known as vibe hacking.” What is Vibe Hacking? Vibe hacking, also referred to as vibe coding, allows users to create software by describing in plain language what they want a program to do—leaving the AI to generate the actual code. [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A significant data theft campaign has targeted the Salesloft sales automation platform, exploiting OAuth and refresh tokens linked to the Drift AI chat agent to access sensitive customer information in Salesforce. Researchers from Google Threat Intelligence Group and Mandiant have attributed the campaign to the threat actor known as UNC6395. The activity, which ran from August 8 to at least August 18, 2025, focused on Salesforce customer instances connected via compromised OAuth tokens from the Salesloft Drift third-party application. Threat actors were observed exporting large volumes of data from numerous corporate Salesforce instances. The stolen data likely includes AWS access [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

PromptLock: The First AI-Powered Ransomware Proof-of-Concept

Cybersecurity researchers have identified the first known ransomware family leveraging artificial intelligence for its local operations. Dubbed PromptLock, this malware demonstrates how AI can be integrated into traditional ransomware workflows, even if it is currently only a proof-of-concept (PoC). Developed in GoLang and using OpenAI’s GPT-OSS:20b, an open-weight AI model, PromptLock dynamically generates attack scripts. These scripts, written in Lua, allow the malware to perform filesystem enumeration, file inspection, data exfiltration, and file encryption. Both Windows and Linux variants have been observed, and the Lua scripts are cross-platform compatible. For encryption, PromptLock employs the SPECK 128-bit algorithm. ESET, the security [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

ShadowSilk Campaign Targets Central Asian Governments

A new wave of cyberattacks is making headlines, with researchers linking a campaign called ShadowSilk to espionage operations against government organizations across Central Asia and the Asia-Pacific region. The findings, recently published by Group-IB with support from CERT-KG, highlight the growing sophistication of this threat actor. A Campaign with Familiar Roots The ShadowSilk activity has been ongoing since 2023 and was still active as of July 2025. Analysts point to overlaps with the tactics of the previously identified YoroTrooper group, but emphasize that ShadowSilk has evolved into a distinct operation with new infrastructure, advanced tooling, and signs of a dual [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Anthropic Thwarts AI-Powered Cyberattack Campaign Automating Theft and Extortion

Anthropic announced that it successfully disrupted a highly sophisticated cyber operation in July 2025, where malicious actors weaponized its AI-powered assistant, Claude, to orchestrate large-scale data theft and extortion attempts. According to the company, the campaign targeted at least 17 organizations across critical sectors, including healthcare, emergency services, government entities, and religious institutions. Instead of using traditional ransomware encryption, the attackers threatened to publicly leak stolen data to pressure victims into paying ransoms — in some cases exceeding $500,000. AI as the Core of the Attack Investigators revealed that the threat actor leveraged Claude Code on Kali Linux as a [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Another Security Flaw in TheTruthSpy Exposes Victims’ Data

TheTruthSpy, an infamous Android-based stalkerware, has once again come under scrutiny after a new vulnerability was uncovered. A security researcher found that the app’s servers contain a flaw that could allow attackers to compromise any user account. The spyware works by being secretly installed on a victim’s Android device, where it collects sensitive information such as calls, texts, GPS location, files, and activity from messaging apps. This data is then transmitted to a central server. However, recent findings revealed that anyone could reset the password of any account, effectively taking control of that victim’s data. Security researcher Swarang Wade demonstrated [...]

Read more

Opinion Software

Achieve Your Goals with Habits

Read more

Cybersecurity - News Insights Opinion

Why is Endpoint Protection CRUCIAL for Your Company?

Read more

Opinion

Best Practice for Updating the DOM in React After Making an HTTP POST Request

Read more

Events

Executive Breakfast: Cybersecurity + Autonomous AI and “Dark Horse” Ransomware with ThreatDown Corporate Team

Read more