Latest Cybersecurity News

The Hacker NewsMar 10, 20261m10

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been colle...

TechnologyCloud Services

Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign

SecurityWeekMar 10, 20262m10

Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign

Salesforce has confirmed that customers are being targeted via poorly secured instances.

Escape Raises $18 Million to Automate Pentesting

SecurityWeekMar 10, 20262m10

Escape Raises $18 Million to Automate Pentesting

The company will deepen its platform's AI agent capabilities and scale engineering and go-to-market teams.

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

SecurityWeekMar 10, 20262m10

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

The Hacker NewsMar 10, 20262m10

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Learn to audit AI agents and stop data leaks. Join our webinar to find hidden risks and secure your modern agentic workflows.

SIM Swaps Expose a Critical Flaw in Identity Security

SecurityWeekMar 10, 20265m10

SIM Swaps Expose a Critical Flaw in Identity Security

SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts.

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

The Hacker NewsMar 10, 20266m10

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Attack surface exposure leaves services reachable as exploits appear within 24–48 hours after disclosure, increasing breach risk.

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

The Hacker NewsMar 10, 20263m10

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

The Hacker NewsMar 10, 20263m11

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted vishing campaigns.

Cylake Raises $45 Million to Secure Organizations Barred From Cloud

SecurityWeekMar 10, 20262m11

Cylake Raises $45 Million to Secure Organizations Barred From Cloud

The company, founded by Palo Alto Networks’ Nir Zuk, has developed a platform that focuses on data sovereignty.

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The Hacker NewsMar 10, 20262m11

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA adds 3 exploited flaws—SolarWinds, Ivanti, Workspace One—to KEV after attacks, forcing federal patch deadlines in March 2026.

White House Cyber Strategy Prioritizes Offense

Dark Reading