Security
Headlines
HeadlinesLatestCVEs

Source

HackRead

Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens

Salesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted.

HackRead
Open in Source
#google#git#intel#aws#oauth#auth
Critical SAP Vulnerability CVE-2025-42957 Actively Exploited by Hackers

Urgent security alert for SAP users! A critical vulnerability (CVE-2025-42957) allows attackers to take full control of your…

GhostAction Attack Steals 3,325 Secrets from GitHub Projects

GhostAction supply chain attack hit 817 GitHub repositories, stealing 3,325 secrets including npm, PyPI, and DockerHub tokens.

Bridgestone Confirms Cyberattack Disrupting North American Plants

Bridgestone confirms a cyberattack that disrupted manufacturing plants. This article details the impact on employees, expert analysis, and…

Chess.com Hit by Limited Data Breach Linked to 3rd-Party File Transfer Tool

Chess.com confirms a limited data breach affecting 4,500 users after a third-party file transfer tool was compromised. No…

Scammers Exploit Grok AI With Video Ad Scam to Push Malware on X

Researchers at Guardio Labs have uncovered a new “Grokking” scam where attackers trick Grok AI into spreading malicious…

Russian APT28 Deploys “NotDoor” Backdoor Through Microsoft Outlook

APT28 hackers deploy NotDoor backdoor via Microsoft Outlook macros, using OneDrive sideloading to steal data and evade detection.

Model Namespace Reuse Flaw Hijacks AI Models on Google and Microsoft Platforms

A new security vulnerability called ‘Model Namespace Reuse’ allows attackers to hijack AI models on Google, Microsoft, and…

New Malware Uses Windows Character Map for Cryptomining

Darktrace reports new malware hijacking Windows Character Map for cryptomining, exposing risks of hidden attacks in everyday software…

Sendmarc appoints Rob Bowker as North American Region Lead

Wilmington, United States, 4th September 2025, CyberNewsWire