Cloudflare Data Breach Exposes Salesforce Support Cases in Supply-Chain Attack
The recent Cloudflare data breach highlights the growing risks of supply-chain attacks targeting SaaS integrations. Hackers exploited Salesloft’s Drift connection with Salesforce, giving them unauthorized access to Cloudflare’s internal support system. While the company confirmed no core infrastructure was compromised, attackers exfiltrated sensitive support case data and API tokens.
How the Breach Unfolded
Attackers began reconnaissance on August 9, 2025,

Experimental PromptLock Ransomware Uses AI for Encryption and Data Theft
The PromptLock ransomware is an experimental prototype that demonstrates how artificial intelligence can be weaponized in cybercrime. Unlike traditional strains, this proof-of-concept leverages generative AI to encrypt files and exfiltrate data, making it a potential game-changer in ransomware evolution. Researchers warn that while it has not yet appeared in live attacks, PromptLock highlights the dangers of AI-driven malware.
How PromptLock

Claude AI Ransomware Abuse Sparks Cybersecurity Concerns
Claude AI ransomware abuse has raised new concerns about artificial intelligence in cybercrime. Recent reports show that threat actors are misusing Anthropic’s Claude models to create advanced ransomware campaigns. These cases highlight how AI can lower barriers for cybercriminals and accelerate the spread of Ransomware-as-a-Service.
Cybercriminals Turn Claude Into a Weapon
Investigators discovered that a threat actor identified as GTG-5004

Scattered Spider Hacker Sentenced to 10 Years in US Prison
A Scattered Spider hacker has been sentenced to 10 years in prison for a series of high-profile cybercrimes. The ruling marks one of the toughest sentences yet against a member of the notorious group. It also sends a strong message about the risks of cybercrime and social engineering attacks.
Who Was Sentenced
The hacker, identified as Noah Michael Urban, played

Booking.com Phishing Scam Exploits Sneaky Unicode Character
Booking.com phishing scam campaigns are using a deceptive Unicode character to trick users into visiting malicious sites. The attack replaces expected URL symbols with a Japanese hiragana character that closely resembles common punctuation. This clever substitution makes fake links appear genuine, leading victims to phishing pages that install dangerous malware.
How the Scam Works
Cybercriminals insert the hiragana character “ん”

DarkBit Ransomware Cracked, Allowing Free Data Recovery
In a rare victory against cyber extortion, security researchers have managed to break the encryption used by DarkBit ransomware, offering victims a chance to regain access to their files at no cost. The malicious campaign, attributed to the Iranian state-sponsored group MuddyWater, had been targeting VMware ESXi servers, crippling operations for businesses and institutions alike. Ransomware attacks often leave victims

BlackSuit Ransomware Dismantled in a Global Operation
BlackSuit ransomware dismantled! That’s the headline echoing across cybersecurity circles after a sweeping international effort shut down one of the most prolific ransomware groups in recent years. The operation, called “Operation Checkmate,” was led by Homeland Security Investigations (HSI), with support from the FBI, Europol, and multiple global law enforcement partners.
A Ruthless Successor to Royal
BlackSuit first emerged in

New EDR-Killer Tool Used by Eight Ransomware Gangs
A newly discovered EDR-killer tool is being actively deployed by at least eight different ransomware groups to disable antivirus and endpoint detection systems during attacks. The tool exploits a Bring Your Own Vulnerable Driver (BYOVD) method, allowing threat actors to neutralize even the most well-known security software.
Shared but customized for each attack
According to security researchers at Sophos, this

Cybercriminals and GenAI: How Hackers Are Weaponizing AI Tools
Cybercriminals and GenAI are forming a dangerous new alliance. AI tools are no longer just experimental; they’re fully integrated into modern cybercrime. From phishing to deepfakes, GenAI is giving hackers new capabilities that make attacks faster, smarter, and harder to detect. A new CrowdStrike report confirms what many in the security industry have feared: cybercriminals treat GenAI as a core

SafePay Ransomware Threatens Ingram Micro with Data Leak
Ingram Micro, one of the world’s largest IT distributors, is facing mounting pressure after the SafePay ransomware gang claimed responsibility for a devastating cyberattack and is now threatening to leak a massive trove of stolen data.
Ransomware Hits Ingram Micro Operations
The incident began on July 3, 2025, when Ingram Micro employees started receiving ransomware pop-ups. Core systems, including the
