CyberSecurity Updates

25 Sep

Salesforce AI Hack Enabled CRM Data Theft

Information, News

Prompt injection and an expired domain could have been used to target Salesforce’s Agentforce platform for data theft. The attack method, dubbed ForcedLeak, was discovered by researchers at Noma Security, a company that recently raised $100 million for its AI agent security platform. Salesforce Agentforce enables businesses to build and deploy autonomous AI agents across functions such as sales, marketing, and commerce. These agents act independently to complete multi-step tasks without constant human intervention. The…

Read More
25 Sep

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices

Attacks, Insights, Malware

Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333 and CVE-2025-20362 to the Known Exploited Vulnerabilities Catalog.  The Emergency Directive requires federal agencies to identify, analyze, and mitigate potential compromises immediately. Agencies must: Identify all instances of Cisco ASA and Cisco Firepower devices in operation (all versions). Collect and transmit memory…

Read More
24 Sep

Hackers Target Casino Operator Boyd Gaming

Data Breaches, Information, News

Casino entertainment company Boyd Gaming has disclosed a data breach after hackers gained access to its internal IT systems.  Boyd Gaming said in a filing with the SEC that the cybersecurity incident has not impacted its properties and business operations.  The Las Vegas-based company is conducting an investigation with assistance from outside cybersecurity experts and law enforcement.  The probe has shown that the hackers stole some data from its systems, including employee information and the…

Read More
24 Sep

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

Data Breaches, Information, Insights

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United…

Read More
23 Sep

Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack

Information, News

Jaguar Land Rover said Tuesday that its production lines, shut down after a cyberattack in August, will remain at a halt until at least Oct. 1. Britain’s biggest automaker sent workers home from its factories in central and northwest England on Aug. 31. The shutdown has rippled through the U.K. auto industry. JLR, which is owned by India’s Tata Motors, employs more than 30,000 people, with its supply chain supporting tens of thousands more jobs.…

Read More
23 Sep

Widespread Supply Chain Compromise Impacting npm Ecosystem

Attacks, Insights, Malware

CISA is releasing this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as “Shai-Hulud”—has compromised over 500 packages.[i] After gaining initial access, the malicious cyber actor deployed malware that scanned the environment for sensitive credentials. The cyber actor then targeted GitHub Personal Access Tokens (PATs) and application programming interface (API) keys for cloud services, including Amazon Web Services (AWS),…

Read More
23 Sep

CISA Releases Advisory on Lessons Learned from an Incident Response Engagement

Attacks, Insights, Malware

Today, CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and response tool.  This advisory, CISA Shares Lessons Learned from an Incident Response Engagement, highlights takeaways that illuminate the urgent need for timely patching, comprehensive incident response planning, and proactive threat monitoring to mitigate risks from similar vulnerabilities. The advisory also outlines the tactics,…

Read More
22 Sep

Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform

Information, News

Toronto, Canada-based company Mycroft emerged from stealth on Monday with a solution designed to help organizations manage and operate their security and IT stack with the aid of autonomous AI agents. Mycroft has raised $3.5 million in seed funding in a round led by Luge Capital, with participation from Brightspark Ventures, Graphite Ventures, Ripple Ventures, Developer Capital, Antler, BoxOne Ventures, and angel investors. The company has developed a platform that acts as an AI Security…

Read More
22 Sep

SonicWall Releases Advisory for Customers after Security Incident

Attacks, Insights, Malware

SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain access to a subset of customers’ preference files stored in their cloud backups. While credentials within the files were encrypted, the files also included information that actors can use to gain access to customers’…

Read More
21 Sep

Airport Cyberattack Disrupts More Flights Across Europe

Information, News

Fallout from a cyberattack that disrupted check-in systems at several European airports extended into a second full day on Sunday, as passengers faced dozens of canceled and delayed flights — and the impact poised to worsen for at least one major airport. Brussels Airport, seemingly the hardest hit, said it asked airlines to cancel nearly 140 departing flights scheduled for Monday because a U.S.-based software system provider “is not yet able to deliver a new…

Read More