Saturday, October 4, 2025
Cybersecurity News
Industry News
Expert Insights
Webinars
Learning Center
Topics
About
Sponsor
Cybersecurity News
Industry News
Expert Insights
Webinars
Learning Center
Topics
About
Sponsor
Combing the world for the cybersecurity stories you need to know.
Cybersecurity News
Salesforce Vulnerability Chain Exposes AI Agent Risks
October 03, 2025
The role of AI agents continues to expand rapidly within enterprise workflows. A case in point is the Salesforce Agentforce solution. The AI-powered platform allows enterprises to customize autonomous agents to streamline customer engagements and…
Read More >
AI-Driven Development Fuels New Vulnerabilities
October 03, 2025
In the past several years, AI has gone through massive growth, rapidly expanding in capabilities, popularity, and reach. This has led to an explosion of AI-driven development and faster release cycles, but it has also…
Read More >
FBI Warns of New Salesforce Data Extortion Campaigns
September 30, 2025
The FBI has issued a FLASH alert warning of new data theft and extortion campaigns aimed at Salesforce users. Investigators say two cybercriminal groups are breaking into Salesforce instances through social engineering schemes and compromised…
Read More >
How Steganography and Bitbucket Are Delivering the StealC Information Stealer
September 29, 2025
A user opens their email to find what looks to be a legitimate—and urgent—message purporting to be from Meta Support. The email claims that the user’s account has been reported and is scheduled to be…
Read More >
New Vulnerability Exposes Developers to Silent Code Execution
September 26, 2025
Developers using the popular AI-powered code editor Cursor may be exposing themselves to silent attacks the moment they open a project. Oasis Security uncovered a critical vulnerability that, unlike the typical IDE flaws rooted in…
Read More >
Luxury Fashion Faces a Cyber Reckoning: Kering Breach Exposes Millions
September 24, 2025
Luxury fashion group Kering, which includes such high-end brands as Gucci, Balenciaga, and Yves Saint Laurent, has recently been hit by a major data breach. Malicious actors hacked Kering’s systems to steal vast amounts of…
Read More >
Why a Shared SBOM Vision Could Be the Key to Securing the Software Supply Chain
September 23, 2025
In an era of increasingly interconnected digital landscapes, the software supply chain is a crucial area to secure, affecting organizations across all sectors. Software supply chain attacks are on the rise among modern threats, and…
Read More >
How a Self-Propagating npm Attack Is Hunting Developer Secrets
September 23, 2025
A developer runs a routine update, the kind that happens dozens of times a week. Nothing unusual flashes on the screen. But buried inside the new package is a hidden file called bundle.js. The moment…
Read More >
Burger King Parent RBI Exposed by Ethical Hackers
September 16, 2025
Recently, ethical hackers uncovered critical vulnerabilities in platforms hosted by Restaurant Brands International, the parent company that owns such major fast food chains as Burger King, Popeyes Louisiana Kitchen, and Tim Hortons. Two ethical hackers,…
Read More >
SEO Poisoning Campaign Targets Chinese Users with Hiddengh0st and Winos Malware
September 15, 2025
Many security issues on the internet stem from avoidable mistakes based on an assumption of safety or legitimacy, often supported by implicitly understood “trust signals.” Users online are primed to have confidence in search engines,…
Read More >
CISA Flags Actively Exploited Flaws in TP-Link Devices and WhatsApp
September 15, 2025
The Cybersecurity and Infrastructure Security Agency has added two more entries to its Known Exploited Vulnerabilities catalog, the list of bugs it says pose significant risk to the federal enterprise. Inclusion on the KEV means…
Read More >
Crypto-Stealing Code Slips Into NPM
September 12, 2025
Josh Junon, a software developer and maintainer, revealed on social media this week that his account had been compromised and 18 of his popular JavaScript packages tampered with. The malicious updates injected code designed to…
Read More >
Docker Desktop Flaw Exposes Hosts to Privilege Escalation
September 08, 2025
Containers are a highly important security boundary used in countless contexts to isolate an environment from other applications on the operating system. The container environment, such as a sandbox, works toward a variety of purposes,…
Read More >
AI Risks and Supply Chain Demands Redefine the Future
September 06, 2025
The embedded software industry is in the middle of a major reset. According to Black Duck’s State of Embedded Software Quality and Safety 2025 report, AI tools are changing how code is written, tested, and…
Read More >
Workday Breach Highlights Expanding Wave of Social Engineering Attacks
September 02, 2025
Social engineering, while an age-old tactic of cybercriminals, is by no means outdated or ineffective in modern environments. Threat actors continue to rely on deceptive methods and take advantage of the human element to cause…
Read More >
The Hidden Cost of OT Cyber Disruption
September 01, 2025
Operational technology has become a prime target for cyberattacks, and the stakes are growing. These are the systems behind factories, power grids, and transit networks. When they fail, the disruption spreads well beyond the IT…
Read More >
Why Credential Theft and Data Exfiltration Are Outpacing Ransomware
August 29, 2025
Due to the constant evolution of the threat landscape, the common reputation of ransomware is no longer representative of reality. While many think of ransomware solely as hackers compromising and encrypting sensitive files in order…
Read More >
47-Day Certificates and Quantum Computing: Why Crypto Agility Can’t Wait
August 29, 2025
Digital trust is now entering one of the most disruptive periods in its history. Two forces are converging that will redefine how organizations secure their data and transactions: The radical shortening of SSL/TLS certificate lifespans…
Read More >
Subscribe for the Latest News
"
*
" indicates required fields
Company
This field is for validation purposes and should be left unchanged.
First Name
*
Last Name
*
Company Name
*
Job Title
*
Email
*
Country
*
Country *
United States
Afghanistan
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius and Saba
Bosnia and Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cabo Verde
Cambodia
Cameroon
Canada
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos Islands
Colombia
Comoros
Congo
Congo, Democratic Republic of the
Cook Islands
Costa Rica
Croatia
Cuba
Curaçao
Cyprus
Czechia
Côte d'Ivoire
Denmark
Djibouti
Dominica
Dominican Republic
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Eswatini
Ethiopia
Falkland Islands
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard Island and McDonald Islands
Holy See
Honduras
Hong Kong
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Japan
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Democratic People's Republic of
Korea, Republic of
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Libya
Liechtenstein
Lithuania
Luxembourg
Macao
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia
Moldova
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
North Macedonia
Northern Mariana Islands
Norway
Oman
Pakistan
Palau
Palestine, State of
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Romania
Russian Federation
Rwanda
Réunion
Saint Barthélemy
Saint Helena, Ascension and Tristan da Cunha
Saint Kitts and Nevis
Saint Lucia
Saint Martin
Saint Pierre and Miquelon
Saint Vincent and the Grenadines
Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Sint Maarten
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Spain
Sri Lanka
Sudan
Suriname
Svalbard and Jan Mayen
Sweden
Switzerland
Syria Arab Republic
Taiwan
Tajikistan
Tanzania, the United Republic of
Thailand
Timor-Leste
Togo
Tokelau
Tonga
Trinidad and Tobago
Tunisia
Turkmenistan
Turks and Caicos Islands
Tuvalu
Türkiye
US Minor Outlying Islands
Uganda
Ukraine
United Arab Emirates
United Kingdom
Uruguay
Uzbekistan
Vanuatu
Venezuela
Viet Nam
Virgin Islands, British
Virgin Islands, U.S.
Wallis and Futuna
Western Sahara
Yemen
Zambia
Zimbabwe
Åland Islands
Employee Count
*
Employee Count *
< 100 employees
100 to 249 employees
250 to 499 employees
500 to 999 employees
1,000 to 2,499 employees
2,500 to 4,999 employees
5,000 to 9,999 employees
10,000 to 24,999 employees
25,000+ employees
Industry
*
Industry *
Advertising & Marketing
Agriculture
Airlines & Aerospace (including Defense)
Automotive
Business Support & Logistics
Construction, Machinery and Homes
Education
Entertainment & Leisure
Finance & Financial Services
Food & Beverages
Government
Health Care & Pharmaceuticals
Insurance
Manufacturing
Nonprofit
Real Estate
Retail & Consumer Durables
Telecommunications, Technology, Internet & Electronics
Utilities, Energy, and Extraction
Other
Consent
*
I have read and agree to the Security Buzz
Privacy Policy
and understand that I may receive communications from Security Buzz and its partners by submitting this form.
*
CAPTCHA
Webinars
Thursday, Oct. 16
5am ET / 2am PT
PAM and compliance, are you doing it right?
Tuesday, Oct. 28
9am ET / 6am PT
Establishing a Proactive Third-Party Risk Management Strategy with Avon
Tuesday, Oct. 28
1pm ET / 10am PT
No More Weak Links: Unleashing NDR and SASE for Hybrid Networks