@guardian360.bsky.social
The flaw, which received a 9.8 CVSS score, was first disclosed and patched on Oct. 21 in Oracle's monthly security update along with 373 other vulnerabilities. www.darkreading.com/vulnerab...
November 25, 2025 at 5:30 PM
The flaw, which received a 9.8 CVSS score, was first disclosed and patched on Oct. 21 in Oracle's monthly security update along with 373 other vulnerabilities. www.darkreading.com/vulnerab...
The malware stole credentials and other sensitive information, and when these credentials included NPM accounts with access to open source projects, the cycle could repeat. www.darkreading.com/applicat...
November 25, 2025 at 4:00 PM
The malware stole credentials and other sensitive information, and when these credentials included NPM accounts with access to open source projects, the cycle could repeat. www.darkreading.com/applicat...
In this iteration, the malware took stolen developer accounts (particularly NPM), republished poisoned versions of the software components these accounts maintain, and then infected downstream users that download the poisoned packages.
November 25, 2025 at 4:00 PM
In this iteration, the malware took stolen developer accounts (particularly NPM), republished poisoned versions of the software components these accounts maintain, and then infected downstream users that download the poisoned packages.
It hijacks network traffic using a specially designed implant, re-routes legitimate software update requests to its own infrastructure, and then serves victims malicious substitutes. www.darkreading.com/endpoint...
November 25, 2025 at 1:01 PM
It hijacks network traffic using a specially designed implant, re-routes legitimate software update requests to its own infrastructure, and then serves victims malicious substitutes. www.darkreading.com/endpoint...
But where most APTs use edge devices as initial entry points to deeper network compromise, researchers at ESET have found that PlushDaemon uses them in its own way.
November 25, 2025 at 1:01 PM
But where most APTs use edge devices as initial entry points to deeper network compromise, researchers at ESET have found that PlushDaemon uses them in its own way.
"PlushDaemon" is one such group that has quietly, for quite a while now, been taking its own approach to the update hijack. Like Chinese advanced persistent threats (APTs) often do, it infects organizations through their edge devices.
November 25, 2025 at 1:00 PM
"PlushDaemon" is one such group that has quietly, for quite a while now, been taking its own approach to the update hijack. Like Chinese advanced persistent threats (APTs) often do, it infects organizations through their edge devices.
When the SolarWinds breach was unearthed in 2020, it might have seemed like a uniquely devious event in cybersecurity history. But cyberattackers and cybersecurity researchers have been finding other, novel ways of poisoning software updates since then.
November 25, 2025 at 1:00 PM
When the SolarWinds breach was unearthed in 2020, it might have seemed like a uniquely devious event in cybersecurity history. But cyberattackers and cybersecurity researchers have been finding other, novel ways of poisoning software updates since then.
November 25, 2025 at 8:32 AM
They broke into Salesloft, stole OAuth tokens that connect Drift and Salesforce, and used them to reach hundreds of organizations' Salesforce environments, with all of the powers and permissions within Salesforce that those organizations had granted the Drift app.
November 25, 2025 at 8:31 AM
They broke into Salesloft, stole OAuth tokens that connect Drift and Salesforce, and used them to reach hundreds of organizations' Salesforce environments, with all of the powers and permissions within Salesforce that those organizations had granted the Drift app.
The threat actors performed a supply chain breach through Salesloft's Drift, an integrated application that uses artificial intelligence (AI) to automate marketing and sales processes.
November 25, 2025 at 8:31 AM
The threat actors performed a supply chain breach through Salesloft's Drift, an integrated application that uses artificial intelligence (AI) to automate marketing and sales processes.
Following a spring vishing campaign targeting organizations' Salesforce environments, a ShinyHunters-adjacent threat group hit Salesforce again in August.
November 25, 2025 at 8:30 AM
Following a spring vishing campaign targeting organizations' Salesforce environments, a ShinyHunters-adjacent threat group hit Salesforce again in August.
That raises the strategic question security leaders now face: If automation is taking over the grunt work, who trains the next generation of defenders? www.darkreading.com/cybersec...
November 24, 2025 at 11:05 AM
That raises the strategic question security leaders now face: If automation is taking over the grunt work, who trains the next generation of defenders? www.darkreading.com/cybersec...
AI is elevating today's analysts, yet it may leave tomorrow's leaders without the hands-on experience they need. As Visa CISO Subra Kumaraswamy notes, even with AI doing the repetitive work, teams still have to learn about "the art and science of defense."
November 24, 2025 at 11:05 AM
AI is elevating today's analysts, yet it may leave tomorrow's leaders without the hands-on experience they need. As Visa CISO Subra Kumaraswamy notes, even with AI doing the repetitive work, teams still have to learn about "the art and science of defense."
Now that AI is absorbing the grind, some say organizations risk accelerating efficiency at the cost of developing foundational expertise.
The result is an emerging paradox.
The result is an emerging paradox.
November 24, 2025 at 11:04 AM
Now that AI is absorbing the grind, some say organizations risk accelerating efficiency at the cost of developing foundational expertise.
The result is an emerging paradox.
The result is an emerging paradox.
Alert triage. Drift detection. Basic investigation. These tasks were how generations of defenders traditionally learned the cybersecurity trade — how they built intuition, pattern recognition, and the "muscle memory" that senior leaders rely on during times of crisis.
November 24, 2025 at 11:04 AM
Alert triage. Drift detection. Basic investigation. These tasks were how generations of defenders traditionally learned the cybersecurity trade — how they built intuition, pattern recognition, and the "muscle memory" that senior leaders rely on during times of crisis.
November 24, 2025 at 9:35 AM
A Chainguard study, for example, found that popular Debian-based Docker images had 280 vulnerabilities, on average, while a study published by NetRise and based on a randomly selected sample of 70 different images found that the average container had 604 vulnerabilities.
November 24, 2025 at 9:35 AM
A Chainguard study, for example, found that popular Debian-based Docker images had 280 vulnerabilities, on average, while a study published by NetRise and based on a randomly selected sample of 70 different images found that the average container had 604 vulnerabilities.
Unless you decide to take action. www.malwarebytes.com/blog/ne...
November 22, 2025 at 8:40 AM
Unless you decide to take action. www.malwarebytes.com/blog/ne...
Reportedly, Google has recently started automatically opting users in to allow Gmail to access all private messages and attachments for training its AI models. This means your emails could be analyzed to improve Google’s AI assistants, like Smart Compose or AI-generated replies.
November 22, 2025 at 8:40 AM
Reportedly, Google has recently started automatically opting users in to allow Gmail to access all private messages and attachments for training its AI models. This means your emails could be analyzed to improve Google’s AI assistants, like Smart Compose or AI-generated replies.