Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…

A threat group Google tracks as UNC6395 systematically stole large amounts of data from Salesforce customer instances by using OAuth tokens stolen from Salesloft Drift, researchers said.

About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued pattern of threats confronting SonicWall customers.

The vendor disclosed the critical zero-day in NetScaler ADC and NetScaler Gateway nine days after it warned of a pair of defects in the same products.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

Experts tell CyberScoop that the U.S. telecom system is just too technologically fragmented to gather a clear picture of threats, and too big to ever fully eject…

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.