Aggregator

A critical vulnerability chain in Salesforce’s Agentforce AI platform, which could have allowed external attackers to steal sensitive CRM data. The vulnerability, dubbed ForcedLeak by Noma Labs, which discovered it, carries a CVSS score of 9.4 and was executed through a sophisticated indirect prompt injection attack. This discovery highlights the expanded and fundamentally different attack surface presented […]

The post Salesforce AI Agent Vulnerability Allows Let Attackers Exfiltration Sensitive Data appeared first on Cyber Security News.

DOGE is “bypassing cybersecurity protections” at three agencies, Senate Homeland Security and Governmental Affairs Committee Democrats concluded.

The post Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules appeared first on CyberScoop.

Cybercriminals have orchestrated a sophisticated phishing campaign exploiting GitHub’s notification system to impersonate the prestigious startup accelerator Y Combinator, targeting developers’ cryptocurrency wallets through fake funding opportunity notifications. The attack leverages GitHub’s issue tracking system to mass-distribute phishing notifications, bypassing traditional email security filters by using the platform’s legitimate notification infrastructure.  Threat actors created multiple […]

The post Hackers Leverage GitHub Notifications to Mimic as Y Combinator to Steal Funds from Wallets appeared first on Cyber Security News.

A recent wave of attacks leveraging malicious Windows shortcut files (.LNK) has put security teams on high alert. Emerging in late August 2025, this new LNK malware distribution exploits trusted Microsoft binaries to bypass endpoint protections and execute payloads without raising suspicions. Delivered primarily via spear-phishing emails and compromised websites, the shortcut files appear innocuous, […]

The post New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware appeared first on Cyber Security News.

You must login to view this content

Is your IBM QRadar instance overwhelmed by web application firewall (WAF) alerts, or worse, have you throttled them back, potentially missing critical application-layer threats? You're not alone. Many Security Operations Centers (SOCs) struggle with the noise-to-signal ratio from perimeter tools, leaving a dangerous blindspot around the very applications driving the business. This lack of deep visibility hinders accurate threat assessment and slows down response times. 

The post IBM QRadar SIEM and Contrast ADR Integration | Actionable Application Security Intelligence | Contrast Security appeared first on Security Boulevard.