InfoSec News 20250903

  • Published: Wed, 03/09/2025 - 15:52

Top News


  • Cloudflare hit by data breach in Salesloft Drift supply chain attack

Cloudflare is the latest company impacted in a recent string of Salesloft Drift breaches, part of a supply-chain attack disclosed last week. The internet giant revealed on Tuesday that the attackers gained access to a Salesforce instance it uses for internal customer case management and customer support, which contained 104 Cloudflare API tokens.

Link

TLP1 : Green

  • Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps

Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps). In volumetric DDoS attacks, attackers overwhelm the target with massive amounts of data, consuming the bandwidth or exhausting system resources, leaving legitimate users with no access to the targeted servers and services.

Link

TLP1 : Green

  • Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

An Iran-nexus group has been linked to a "coordinated" and "multi-wave" spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world.

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Major IPTV Piracy Network Uncovered Spanning 1100 Domains

A large Internet Protocol Television (IPTV) piracy network spanning more than 1100 domains and over 10,000 IP addresses has been uncovered by cybersecurity researchers. The operation, active for several years, has reportedly impacted more than 20 well-known entertainment and sports brands.

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Hackers breach fintech firm in attempted $130M bank heist

Hackers tried to steal $130 million from Evertec’s Brazilian subsidiary Sinqia S.A. after gaining unauthorized access to its environment on the central bank’s real-time payment system (Pix). Evertec is a public financial technology giant that stands as a major full-service transaction processor in Latin America, Puerto Rico, and the Caribbean.

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks.

Link

TLP1 : Green

  • Ethereum smart contracts used to push malicious code on npm

Two new pieces of open source malware discovered on the npm package repository by ReversingLabs researchers in July employ a novel and creative technique for loading malware on compromised devices: smart contracts for the Ethereum blockchain.

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • MobSF Vulnerability Allows Attackers to Upload Malicious Files

Critical security flaws discovered in Mobile Security Framework (MobSF) version 4.4.0 enable authenticated attackers to exploit path traversal and arbitrary file write vulnerabilities, potentially compromising system integrity and exposing sensitive data.

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure

Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security flaws.

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp