Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-21 02:00 PST
- Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
SANS ISC Diary (full) • 2025-11-21 01:48 • isc.sans.eduFrom time to time, it can be instructive to look at generic phishing messages that are delivered to one's inbox or that are caught by basic spam filters. Although one usually doesn't find much of interest, sometimes these little excursions into what should be a run-of-the-mill collection of basic, commonly used phishing techniques can lead one to find something new and unusual. This was the case with one of the messages delivered to our handler inbox yesterday…
- SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
The Hacker News • 2025-11-21 00:05 • thehackernews.com
The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack.
In a joint motion filed November 20, 2025, the SEC, along with SolarWinds and its CISO Timothy G. Brown, asked the court to voluntarily
https://thehackernews.com/2025/11/sec-drops-solarwinds-case-after-years.html - Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
The Hacker News • 2025-11-20 21:32 • thehackernews.com
Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform.
“Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection,” the company said in an advisory.
The cloud services firm said it has taken the step of revoking all active access and refresh
https://thehackernews.com/2025/11/salesforce-flags-unauthorized-data.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
