News

CRM giant denies security shortcomings as claims allege stolen data used for ID theft

Salesforce is facing a wave of lawsuits in the wake of a cyberattack that exposed customer data.…

Researchers say tens of thousands of instances remain publicly reachable

Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.…

Operation Cronos didn’t kill LockBit – it just came back meaner

Trend Micro has sounded the alarm over the new LockBit 5.0 ransomware strain, which it warns is "significantly more dangerous" than past versions due to its newfound ability to simultaneously target Windows, Linux, and VMware ESXi environments. …

More fun with AI agents and their security holes

A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers who published a proof-of-concept attack on Thursday. They were aided by an expired trusted domain that they were able to buy for a measly five bucks.…

The downstream consequences of Miljödata’s ransomware attack continue to affect major organizations

Volvo North America is the latest large organization to announce attackers accessed employee data after a ransomware attack struck its HR system provider.…

CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies

Cybersecurity agencies on both sides of the Atlantic are sounding the alarm over Cisco firewall vulnerabilities that are being exploited by an "advanced threat actor."…

Prime Minister Starmer revives controversial scheme despite past denials, sparking civil liberties backlash

The UK government plans to issue all legal residents a digital identity by the end of the current Parliament, which could run until August 2029, with its use required to get a job.…

It’s amazing the number of calls Jo, Helen, and Ian get through

The UK's data protection watchdog fined two Brit businesses with offshore call centers £550,000 (c $735,000) over illegal automated marketing calls.…