Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats The Hacker [email protected] (The Hacker News)
September 3, 2025

An Iran-nexus group has been linked to a "coordinated" and "multi-wave" spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed …


Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack The Hacker [email protected] (The Hacker News)
September 3, 2025

Cloudflare on Tuesday said it automatically mitigated a record-setting volumetric distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps). "Over the past few weeks, we've autonomously blocked hundreds …


UAE to Implement Cyber Education Initiative darkreadingKristina Beek
September 2, 2025

The initiative will be tailored to students and their growth in cybersecurity preparedness. The initiative will be tailored to students and their growth in cybersecurity preparedness.  ​Read More


CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation The Hacker [email protected] (The Hacker News)
September 2, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing …


Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations The Hacker [email protected] (The Hacker News)
September 2, 2025

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the …


ISC Stormcast For Wednesday, September 3rd, 2025 https://isc.sans.edu/podcastdetail/9596, (Wed, Sep 3rd) SANS Internet Storm Center, InfoCON: green
September 2, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Amazon Stymies APT29 Credential Theft Campaign darkreadingJai Vijayan, Contributing Writer
September 2, 2025

A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow. A group linked to Russian intelligence services redirected victims to …


WordPress Woes Continue Amid ClickFix Attacks, TDS Threats darkreadingRob Wright
September 2, 2025

Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams. Vulnerable and malicious …


Zscaler, Palo Alto Networks Breached via Salesloft Drift darkreadingAlexander Culafi
September 2, 2025

Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS application from Salesforce. Two major security firms suffered downstream compromises …


Jaguar Land Rover Shuts Down in Scramble to Secure ‘Cyber Incident’ darkreadingKristina Beek
September 2, 2025

The luxury automaker said its retail and production activities have been "severely disrupted." The luxury automaker said its retail and production activities have been "severely disrupted."  ​Read More