SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek.
Logitech has confirmed it experienced a data breach, and security leaders are sharing their insights.
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams productive. That’s why more enterprises are turning to Samsung forRead More »Why IT Admins Choose Samsung for Mobile Security
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. “While earlier operations relied on broad strategic web compromises to compromise legitimate websites, APT24 has recently pivoted toRead More »APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
The company has operated in stealth mode for four months and has signed dozens of customers, including eight unicorns. The post Runlayer Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek.
Introduction Email remains the main means of business correspondence at organizations. It can be set up either using on-premises infrastructure (for example, by deploying Microsoft Exchange Server) or through cloud mail services such as Microsoft 365 or Gmail. At first glance, it might seem that using cloud services offers a higherRead More »ToddyCat: your hidden email assistant. Part 1
The infamous ShinyHunters hackers have targeted customer-managed Gainsight-published applications to steal data from Salesforce instances. The post Salesforce Instances Hacked via Gainsight Integrations appeared first on SecurityWeek.
The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a joint motion filed November 20, 2025, the SEC, along withRead More »SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform. “Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection,” the company said in an advisory. The cloud services firm said it has taken the stepRead More »Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Thailand’s Cyber Crime Investigation Bureau said an FBI tip that the “world-class hacker” was traveling to Thailand led to his arrest in Phuket. The post Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island appeared first on SecurityWeek.
