Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics library that could allow attackers to execute arbitrary code on vulnerable systems. The fixes arrive as part of Chrome Stable…
Category: EN
Interesting Technique to Launch a Shellcode, (Wed, Aug 27th)
In most attack scenarios, attackers have to perform a crucial operation: to load a shellcode in memory and execute it. This is often performed in a three-step process: This article has been indexed from SANS Internet Storm Center, InfoCON: green…
Hackers Abuse Compromised OAuth Tokens to Access and Steal Salesforce Corporate Data
Google Threat Intelligence Group (GTIG) has issued an advisory concerning a broad data theft operation targeting corporate Salesforce instances via the Drift integration. Beginning as early as August 8, 2025, UNC6395 leveraged valid access and refresh tokens associated with the…
Yes, you can buy a MacBook Air for just $142 right now – here’s what’s included
Back Market is offering a refurbished 13-inch MacBook Air for as low as $142 – one of the lowest prices I’ve ever seen – ahead of Labor Day. This article has been indexed from Latest news Read the original article:…
China-based Threat Actor Mustang Panda’s Tactics, Techniques, and Procedures Unveiled
China-based threat actor Mustang Panda has emerged as one of the most sophisticated cyber espionage groups operating in the current threat landscape, with operations dating back to at least 2014. This advanced persistent threat (APT) group has systematically targeted government…
Salesloft Drift Hacked to Steal OAuth Tokens and Exfiltrate from Salesforce Corporate Instances
A sophisticated data exfiltration campaign targeting corporate Salesforce instances has exposed sensitive information from multiple organizations through compromised OAuth tokens associated with the Salesloft Drift third-party application. The threat actor, designated as UNC6395, systematically harvested credentials and sensitive data between…
How compliance teams can turn AI risk into opportunity
AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. In this Help Net Security video, Matt Hillary, CISO at Drata, look at…
AI Security Map: Linking AI vulnerabilities to real-world impact
A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI…
Google issued ‘State-backed attack in progress’ warnings after spotting web hijack scheme
Suspects this was Beijing-backed Typhoon and/or Panda crew targeting diplomats in Asia Google has warned customers of a suspected state-backed attack after observing a web traffic hijacking campaign.… This article has been indexed from The Register – Security Read the…
Hottest cybersecurity open-source tools of the month: August 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches vulnerabilities Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source…