ShinyHunters Turn Salesforce Trust Into a Loaded Gun, Microsoft Warns
Microsoft warns that ShinyHunters Salesforce OAuth abuse is stealing CRM data without tripping a single login alarm.
Stay updated with the latest cybersecurity news, threat intelligence, and industry updates from secure.com.
Microsoft warns that ShinyHunters Salesforce OAuth abuse is stealing CRM data without tripping a single login alarm.
ServiceNow AI Platform RCE flaw CVE-2026-6875 lets attackers run code with no login. Here is what to patch and when.
A zero-day exploit startup offering up to $7 million turns out to be run by two men with a long fraud record.
A critical Balbooa Forms Joomla vulnerability let anyone upload a file and take full control of a site, and attackers found it before the vendor did.
Progress ordered every ShareFile Storage Zone Controller shutdown after finding a credible external threat, with no patch and no explanation offered yet.
Microsoft says the GigaWiper backdoor lets attackers spy quietly for months, then destroy a machine with a single numbered command.
GodDamn ransomware is using a Microsoft signed kernel driver to shut off endpoint security before it locks a single file.
Dateline: July 9, 2026 Source Code Was the Headline. The Azure Keys Are the Story. Somebody screenshotted themselves cloning an Accenture Azure DevOps repository and posted...
SCMBANKER malware is turning fake CAPTCHA pages into live banking fraud across Mexico's financial sector.
A single hacker pulled off an AI-assisted cloud attack on a global enterprise, breaking into AWS and extorting the company in about three days.
The GitLost GitHub vulnerability lets attackers steal private repository data with nothing but a fake issue and a few lines of plain English.
A newly disclosed GhostLock Linux kernel vulnerability lets any logged-in user become root, and the exploit code is already public.
A newly disclosed KVM flaw VM escape bug lets one rented cloud instance break out and hijack the entire host server.