- Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domainby info@thehackernews.com (The Hacker News) on 29/08/2025 at 09:05
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world. To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was undertaken by
- Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrationsby info@thehackernews.com (The Hacker News) on 29/08/2025 at 07:24
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. "We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised," Google Threat Intelligence Group (GTIG) and
- TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookiesby info@thehackernews.com (The Hacker News) on 29/08/2025 at 04:17
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. "The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef," Truesec researchers Mattias Wåhlén, Nicklas
- Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Namesby info@thehackernews.com (The Hacker News) on 28/08/2025 at 17:10
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named "ahbanC.shiba" that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –
- Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwideby info@thehackernews.com (The Hacker News) on 28/08/2025 at 14:04
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. "While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and