More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers’ Salesforce data.
Scope of Salesforce Attacks Expands as Icarus Leaks Data
You might be interested in …
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Chinese hackers have been utilizing MAVInject.exe to evade detection during targeted cyber attacks. This tactic allows them to manipulate Windows processes, enhancing their stealth and effectiveness against various organizations, experts warn.
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
Google has resolved a critical vulnerability in Cloud Run that allowed unauthorized access to images via improper IAM configurations. This fix enhances security for users, ensuring tighter restrictions on image access and protecting sensitive data from potential misuse.
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A recent discovery has unveiled over 12,000 API keys and passwords embedded in public datasets used for training large language models. This revelation raises urgent concerns about data security and the potential risks associated with using compromised credentials.