Login
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO.
The post Google Warns of New Campaign Targeting BPOs to Steal Corporate Data appeared first on SecurityWeek.
Salesforce has confirmed that customers are being targeted via poorly secured instances.
The post Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign appeared first on SecurityWeek.
With more than 37 million combined downloads, the extensions expose users to tracking and personal information theft.
The post Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data appeared first on SecurityWeek.
Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating usersβ browser activity.
The post Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats appeared first on SecurityWeek.
Arizona is the latest state to sue Temu and its parent company PDD Holdings over allegations that the Chinese online retailer is stealing customersβ data.
The post Arizona Attorney General Sues Chinese Online Retailer Temu Over Data Theft Claims appeared first on SecurityWeek.
An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attackerβs account.
The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek.
F5 shared few details on the threat actor, but the attack profile seems to point to China.
The post F5 Says Nation-State Hackers Stole Source Code and Vulnerability Data appeared first on SecurityWeek.
Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
The post Salesforce AI Hack Enabled CRM Data Theft appeared first on SecurityWeek.
OpenAI has fixed this zero-click attack method called ShadowLeak by researchers.
The post ChatGPT Targeted in Server-Side Data Theft Attack appeared first on SecurityWeek.
CyberLabRSS 