Google: Brickstorm malware used to steal U.S. orgs' data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S.
SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
SecurityWeek

GeoServer Flaw Exploited in US Federal Agency Hack

CISA has shared details on the exploitation of a year-old GeoServer vulnerability to compromise a federal agency.

CISA says hackers breached federal agency using GeoServer exploit

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last ...
Hackaday

This Week In Security: Randomness Is Hard, SNMP Shouldn’t Be Public, And GitHub Malware Delivery

Randomness is hard. To be precise, without dedicated hardware, randomness is impossible for a computer. This is actually ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
Techno-Science.net on MSN

🚨 Your wallpaper can hack your computer: here's how

The images we see every day on our screens could hide dangers for our computers. A recent study reveals that artificial intelligence agents, these personal assistants capable of performing ...

Under the radar - Google warns new Brickstorm malware was stealing data from US firms for over a year

Google warns UNC5221 targeted US legal, tech, and SaaS firms with Brickstorm malware for over a year Campaign aimed at ...