Browsed by
Tag: Cybersecurity Alert

Google Issues Urgent Warning After Salesforce Data Breach Affects Business Contacts

Google Issues Urgent Warning After Salesforce Data Breach Affects Business Contacts

Google Issues Urgent Warning After Salesforce Data Breach Affects Business Contacts Google has issued an urgent warning to a specific subset of its users following a recent data breach impacting its Salesforce database. The incident, which occurred on Saturday, August 30, exposed a limited set of basic business contact information used to communicate with potential advertisers. While the breach is significant, Google has clarified that critical services like Google Cloud and Gmail were not affected, and personal passwords remain secure….

Read More Read More

Urgent: WhatsApp Patches Critical Zero-Click Exploit Targeting iOS and macOS

Urgent: WhatsApp Patches Critical Zero-Click Exploit Targeting iOS and macOS

Urgent: WhatsApp Patches Critical Zero-Click Exploit Targeting iOS and macOS WhatsApp has issued an emergency security update for its messaging applications on Apple iOS and macOS. The update addresses a critical “zero-click” vulnerability, CVE-2025-55177, which may have been actively exploited in the wild as part of sophisticated, targeted attacks. This severe flaw, discovered by WhatsApp’s internal security team, stems from insufficient authorization in linked device synchronization messages. It could allow an attacker to force a target’s device to process content…

Read More Read More

Urgent Security Alert: Google Directs All 2.5 Billion Gmail Users to Change Passwords Immediately

Urgent Security Alert: Google Directs All 2.5 Billion Gmail Users to Change Passwords Immediately

Urgent Security Alert: Google Directs All 2.5 Billion Gmail Users to Change Passwords Immediately Google has issued an urgent directive to its massive user base, instructing all 2.5 billion Gmail account holders to change their passwords immediately. This unprecedented move comes amidst undisclosed security concerns, prompting the tech giant to take swift action to protect user data. While specific details regarding the vulnerability or threat have not yet been fully disclosed, the company emphasizes the critical importance of this security…

Read More Read More

Urgent Warning: Popular Chrome VPN ‘FreeVPN.One’ Caught Covertly Snapping User Activity, Still Live on Web Store

Urgent Warning: Popular Chrome VPN ‘FreeVPN.One’ Caught Covertly Snapping User Activity, Still Live on Web Store

Urgent Warning: Popular Chrome VPN ‘FreeVPN.One’ Caught Covertly Snapping User Activity, Still Live on Web Store A widely used Chrome VPN extension, FreeVPN.One, boasting over 100,000 installations, has been unmasked for secretly capturing screenshots of users’ browsing activity and transmitting them to a remote server. Security experts at Koi Security issued the critical alert, revealing a significant failure in Google’s security protocols as the malicious extension continues to be available for download on the Chrome Web Store. Koi Security’s comprehensive…

Read More Read More

Urgent: New Microsoft Exchange Bug Poses ‘Total Domain Compromise’ Risk, CISA Mandates Immediate Patching

Urgent: New Microsoft Exchange Bug Poses ‘Total Domain Compromise’ Risk, CISA Mandates Immediate Patching

Urgent: New Microsoft Exchange Bug Poses ‘Total Domain Compromise’ Risk, CISA Mandates Immediate Patching Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent warning regarding a critical new high-severity vulnerability in Exchange Server hybrid deployments. Tracked as CVE-2025-53786, this flaw could allow attackers with on-premises administrative access to escalate privileges, potentially leading to a “total domain compromise” across both hybrid cloud and on-premises environments. While not yet actively exploited, Microsoft deems exploitation “more likely” given…

Read More Read More

CISA Issues Urgent Directive: Federal Agencies Must Patch Critical Exchange Flaw by Monday

CISA Issues Urgent Directive: Federal Agencies Must Patch Critical Exchange Flaw by Monday

CISA Issues Urgent Directive: Federal Agencies Must Patch Critical Exchange Flaw by Monday The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive, ordering all Federal Civilian Executive Branch (FCEB) agencies to immediately address a critical Microsoft Exchange hybrid vulnerability, CVE-2025-53786. Agencies face a strict deadline of Monday, August 11, 2025, at 9:00 AM ET to implement the necessary mitigations. This severe flaw allows attackers with administrative access to on-premises Exchange servers to move laterally into Microsoft cloud…

Read More Read More

CISA Issues Emergency Directive: Patch Critical Microsoft Exchange Flaw by August 11 or Risk Cloud Compromise

CISA Issues Emergency Directive: Patch Critical Microsoft Exchange Flaw by August 11 or Risk Cloud Compromise

CISA Issues Emergency Directive: Patch Critical Microsoft Exchange Flaw by August 11 or Risk Cloud Compromise The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent emergency directive (ED 25-02) on August 7, 2025, mandating that Federal Civilian Executive Branch (FCEB) agencies immediately address a high-severity security flaw in Microsoft Exchange Server. Agencies operating Microsoft Exchange hybrid environments must implement required mitigations by 9 a.m. EDT on Monday, August 11, 2025, to prevent potential compromise of their cloud…

Read More Read More

Urgent: Chinese State-Backed Hackers Exploiting New Microsoft SharePoint Zero-Day; Patches Released

Urgent: Chinese State-Backed Hackers Exploiting New Microsoft SharePoint Zero-Day; Patches Released

Urgent: Chinese State-Backed Hackers Exploiting New Microsoft SharePoint Zero-Day; Patches Released Security researchers at Google and Microsoft have confirmed that China-backed hacking groups are actively exploiting a critical zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770. This flaw allows attackers to steal sensitive private keys from self-hosted SharePoint versions, enabling them to plant malware and gain unauthorized access to internal documents and network systems. Microsoft reported observing at least three China-linked groups—Linen Typhoon, Violet Typhoon, and Storm-2603—exploiting the bug since…

Read More Read More

Critical Alert: Microsoft SharePoint Zero-Day Exploit Under Active Attack, Urgent Patches Issued

Critical Alert: Microsoft SharePoint Zero-Day Exploit Under Active Attack, Urgent Patches Issued

Critical Alert: Microsoft SharePoint Zero-Day Exploit Under Active Attack, Urgent Patches Issued Microsoft has issued an emergency fix to address a critical zero-day vulnerability (CVE-2025-49706) actively being exploited in its widely-used SharePoint server software. The flaw has enabled hackers to conduct widespread attacks on various businesses and some U.S. government agencies. The company confirmed it became aware of the exploit on Saturday, swiftly releasing initial guidance and patches on Sunday for SharePoint Server 2019 and SharePoint Server Subscription Edition. However,…

Read More Read More