Supply Chain Attacks

This month marked the discovery of one of the largest NPM compromises in history. Through AI-assisted social engineering, a prolific developer dubbed Qix was phished. His account was then maliciously used to publish poisoned packages, many of which were used to manipulate crypto transactions. Thankfully, it was detected before too many users downloaded these packages, but it highlights how vulnerable we can be if these upstream components get compromised. In this special State of Cybercrime episode, Matt and David break down this NPM compromise, and cover everything else new in the world of cybercrime.

Want to join us live? Save a seat here: https://www.varonis.com/state-of-cybercrime

Episodes (208)

The Axios Supply Chain Attack

The Axios supply chain attack proves attackers don’t need vulnerabilities if they can hit the assembly line. By compromising a single npm maintainer account, they were able to slip a trojan into Axios...

10 Apr 43min

Salesforce Aura Data Theft

ShinyHunters has once again placed Salesforce customers in their crosshairs – this time abusing guest user misconfigurations in public-facing Experience Cloud sites. The group claims to have compromis...

20 Mar 29min

OpenClaw & Moltbook (w/ Moriah Hara!)

OpenClaw – an open-source AI agent dubbed “Claude with hands” – has exploded across GitHub, rocketing from obscurity to 170,000 stars in just two weeks. It’s now the fastest spreading form of shadow IT...

14 Feb 43min

The React2Shell Crisis

React2Shell, the zero-click RCE exploit, is rapidly becoming one of the most significant cybersecurity incidents this year. From emergency patches causing a massive Cloudflare outage to active exploi...

15 Dec 2025 22min

AI-Powered Espionage

A Chinese state-sponsored group weaponized Anthropic’s Claude tool to launch the first large-scale AI-driven espionage campaign, targeting more than 30 organizations across tech, finance, manufacturin...

24 Nov 2025 23min

Black Hat Cartels

31 Oct 2025 23min

ShinyHunters' CRM Heist

One phone call was all it took for ShinyHunters to breach some of the world's biggest brands. By exploiting Salesforce to infiltrate Google, Cisco, and many others, this group has shown just how vulne...

18 Aug 2025 26min
