SentinelOne Announces Plans to Acquire Observo AI – Dark Reading
The combined company will help customers separate data ingestion from SIEM, to improve detection and performance. – Read More
Cyber
‘MostereRAT’ Malware Blends In, Blocks Security Tools – Dark Reading
A threat actor is using a sophisticated EDR-killing malware tool in a campaign to maintain long-term, persistent access on Windows systems. – Read More
Salesloft Breached via GitHub Account Compromise – Dark Reading
The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens. – Read More
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies – The Hacker News
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said…
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms – The Hacker News
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub…
The Critical Failure in Vulnerability Management – Dark Reading
Organizations are seeking assistance to fix critical vulnerabilities. Solutions that orchestrate and automate network device protection put us on the right path. – Read More
Hackerangriff treibt Wehrle-Werk in Insolvenz – CSO Online
Die Wehrle-Werk AG hat kürzlich einen Insolvenzantrag gestellt. Ein Cyberangriff im vergangenen Jahr hat großen Schaden angerichtet. stockwerk-fotodesign – shutterstock.com Die Wehrle-Werk AG mit Sitz in Baden-Württemberg steckt nach 165…
GhostAction campaign steals 3325 secrets in GitHub supply chain attack – CSO Online
GitGuardian has disclosed a new software supply chain attack campaign, dubbed GhostAction, that exfiltrated thousands of sensitive credentials before being detected and contained on September 5. The attackers manipulated GitHub…
Is the CISO role broken? – CSO Online
A recent story by Tyler Farrar (The CISO code of conduct: Ditch the ego, lead for real) really got me thinking. While I agree with most of the content and…
45 New Domains Linked to Salt Typhoon, UNC4841 – Dark Reading
The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations. – Read More
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More – The Hacker News
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the…
You Didn’t Get Phished — You Onboarded the Attacker – The Hacker News
When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t actually an employee, but an attacker in disguise? This isn’t phishing; it’s infiltration…
The importance of reviewing AI data centers’ policies – CSO Online
Investment into AI data center development is exponentially increasing: in June 2025, Amazon announced a $20 billion investment into AI data center campuses in Pennsylvania alone, and in July 2025,…
10 security leadership career-killers — and how to avoid them – CSO Online
There are some bad behaviors that can get executives in trouble. Illegal and unethical actions are the most obvious, and they typically make an executive unemployable. Most professionals know to…
External Attack Surface Management (EASM): Mit diesen vier Schritten minimieren Sie das Cyberrisiko – CSO Online
IT-Security-Verantwortliche sollten die Angriffsfläche permanent analysieren und schützen. Dazu müssen sie stets im Blick haben, welche Assets über das Internet erreichbar sind. Foto: NicoElNino – shutterstock.com Von IoT-Devices über Cloud-basierte…