ICYMI: 2025-09-08
Latest Headlines
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets
Salesloft GitHub Account Compromised Months Before Salesforce Attack
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack
Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach
Cybersecurity M&A Roundup: 27 Deals Announced in August 2025
Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure
Hackers Weaponize Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day
Qualys Confirms Data Breach – Hackers Accessed Salesforce Data in Supply Chain Attack
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
PgAdmin Vulnerability Lets Attackers Gain Unauthorised Account Access
PoC Exploit Released for ImageMagick RCE Vulnerability – Update Now
Surge in networks scans targeting Cisco ASA devices raise concerns
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
Sports streaming piracy service with 123M yearly visits shut down
Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Action1 vs. Microsoft WSUS: A Better Approach to Modern Patch Management
– MTZ