Latest Security News Collection

Security news collection - current edition

#PaloAltoNetworks #SalesloftDrift #OAuthBreach #SupplyChainAttack #Salesforce #DataLeak #Cybersecurity #PhishingAlert #TokenRevocation #Unit42

Palo Alto Networks confirmed a data breach linked to the compromised Salesloft Drift integration, exposing customer contact data and support case details. Attackers used stolen OAuth tokens to access Salesforce instances, exfiltrating sensitive information. Although core systems were unaffected, the breach impacted hundreds of organisations, including Google and Zscaler. The company revoked credentials and launched a full investigation, urging customers to rotate tokens and remain vigilant against phishing attempts.

→ Read more on securityaffairs.com


#Clickjacking #PasswordManager #Bitwarden #LastPass #DOMSecurity #BrowserExtensions #CredentialTheft #2FA #CyberRisk #SecurityPatch

Security researcher Marek Tóth revealed that several browser-based password managers were vulnerable to DOM-based clickjacking attacks. These flaws could allow attackers to steal credentials, 2FA codes, and credit card details. Affected managers include Bitwarden, Dashlane, LastPass, and others. Fixes were released by August 22, but the incident highlights the risks of browser extensions and the need for robust sandboxing.

→ Read more on thehackernews.com


#MedicalCannabis #DataBreach #PatientPrivacy #CyberSecurity #OhioMedicalAlliance #TelemedicineRisk #HealthDataExposure #ClassActionLawsuit #UnencryptedDatabase #IdentityProtection

Ohio Medical Alliance, operating as Ohio Marijuana Card, is facing at least six lawsuits after a security researcher uncovered an unprotected database containing nearly one million patient records. The 300GB database lacked password protection and encryption, exposing sensitive health and personal data including medical diagnoses, Social Security numbers, mental health evaluations, and high-resolution ID images. The breach has sparked proposed class action suits in federal court, alleging negligence and failure to safeguard patient information. The firm, which offers telemedicine consultations for medical cannabis eligibility, now faces scrutiny over its data handling practices. The exposed data also included over 210,000 email addresses linked to clients and internal staff. This incident underscores the critical need for robust cybersecurity measures in healthcare, especially in emerging sectors like medical cannabis.

→ Read more on databreachtoday.com


#SonicWall #ZeroDay #VPNExploit #AkiraRansomware #FirewallSecurity #MFABypass #SSLVPN #CredentialTheft #CyberIncident #PatchNow

SonicWall is investigating a wave of ransomware attacks targeting its Gen 7 firewalls. Despite MFA being enabled, attackers bypassed protections, suggesting a zero-day vulnerability. The Akira ransomware group is suspected. Security firms like Arctic Wolf and Google Mandiant are involved in the investigation. SonicWall urges disabling SSL VPNs and rotating credentials.

→ Read more on theregister.com


#JaguarLandRover #Cyberattack #AutomotiveSecurity #OperationalDisruption #SupplyChainRisk #NoDataLeak #CyberResilience #IncidentResponse #DigitalInfrastructure #SecurityAlert

Jaguar Land Rover experienced a cyberattack that forced the company to shut down internal systems and send staff home. While no customer data theft was confirmed, the incident disrupted operations. The attack is part of a growing trend of targeting automotive firms, highlighting vulnerabilities in supply chains and digital infrastructure.

→ Read more on therecord.media


#EmailSecurity #PhishingAlert #Quishing #CyberThreats #TrendMicroReport #CredentialPhishing #MalwareSurge #RansomwareTactics #AIInCybersecurity #DarkWebTools

According to Trend Micro’s latest security report, email remains the top entry point for cyberattacks, with threats in cloud environments like Microsoft 365 and Google Workspace rising from 45 million to 57.3 million—a 27% increase. A worrying trend is the rise of “Quishing,” where attackers use QR codes to steal login credentials, exploiting users’ trust in these codes and bypassing traditional security filters. Credential phishing surged by 36%, while known malware families saw a 47% spike in detection, indicating a shift towards reliable, cost-effective tools from the dark web. Ransomware tactics have evolved too, favouring targeted, high-impact attacks over mass campaigns. Meanwhile, artificial intelligence is being weaponised by both defenders and attackers, intensifying the cyber arms race. The report underscores the growing sophistication and professionalisation of cybercrime in 2024.

→ Read more on it-daily.net


#Zscaler #SalesloftDrift #OAuthTokens #DataExposure #SupplyChainBreach #SalesforceSecurity #PhishingRisk #CredentialRotation #CyberAlert #SecurityUpdate

Zscaler disclosed a breach tied to the Salesloft Drift incident, where attackers accessed limited Salesforce data using stolen OAuth tokens. Although no misuse was detected, the company revoked access, rotated credentials, and reinforced authentication protocols. Customers are advised to remain alert for phishing attempts.

→ Read more on securityaffairs.com


#WinRARZeroDay #RomComGroup #RussianHackers #CyberEspionage #PhishingCampaign #COMHijacking #MalwareAttack #CVE20258088 #AdvancedThreats #GeopoliticalCybercrime

The RomCom group exploited a zero-day vulnerability in WinRAR (CVE-2025-8088) to target organisations with phishing emails and malware. The campaign used advanced techniques like alternate data streams and COM hijacking. Targets included sectors aligned with Russian geopolitical interests, indicating a shift toward espionage.

→ Read more on bankinfosecurity.com


#AndroidSecurity #GooglePatch #ZeroDayFix #MobileVulnerabilities #LinuxKernel #AndroidRuntime #PrivilegeEscalation #SpywareThreat #SecurityUpdate #CVE202538352

Google released September updates fixing 120 Android vulnerabilities, including two zero-days exploited in targeted attacks. The flaws affect the Linux Kernel and Android Runtime, allowing privilege escalation without user interaction. The update is part of Google’s ongoing efforts to secure mobile platforms against spyware and nation-state threats.

→ Read more on thehackernews.com


#QantasDataBreach #CyberSecurity #ExecutiveAccountability #ScatteredSpider #AviationSecurity #CustomerProtection #DataPrivacy #MFABypass #ThirdPartyRisk #CyberIncidentResponse

Australian airline Qantas has announced a reduction in executive bonuses after a cyberattack exposed sensitive data from over 6 million customer service records. The breach targeted a third-party contact centre platform, compromising names, emails, phone numbers, birth dates, and frequent flyer numbers. Although financial and passport data were not affected, the scale of the incident prompted swift action. CEO Vanessa Hudson confirmed the breach was contained and reported to national cybersecurity authorities. In response, Qantas has set up a dedicated support line and pledged to notify affected customers directly. The decision to cut bonuses reflects the airline’s commitment to accountability and data protection. The attack is part of a broader trend of cybercriminals targeting the aviation sector, with groups like Scattered Spider using social engineering to bypass multi-factor authentication and infiltrate IT systems.

→ Read more on therecord.media

The editors are not responsible for the content of each article.