ShinyHunters Breaches Salesforce Ecosystem via Gainsight; SEC Drops Landmark SolarWinds Lawsuit

ShinyHunters Hits Salesforce Again, Breaching Customers via Gainsight App

Salesforce has disclosed a significant data breach affecting its customers, stemming from a compromised connection with the Gainsight customer success application. The notorious cybercrime group ShinyHunters, also tracked as UNC6240, has claimed responsibility...

SEC Abandons Landmark Lawsuit Against SolarWinds and its CISO

In a surprising move, the U.S. Securities and Exchange Commission (SEC) has voluntarily dismissed its civil enforcement action against SolarWinds and its CISO, Timothy G. Brown. The lawsuit, filed in October 2023, had accused the company and Brown of misleadin...

SANS Report: OT/ICS Cyber Incidents Rising, 40% Cause Downtime

A new report from the SANS Institute highlights a dangerous trend in the security of Operational Technology (OT) and Industrial Control Systems (ICS). The '2025 State of ICS/OT Security Report' found that over 21% of organizations experienced a cyber incident...

WEL Companies Investigated for Data Breach Affecting 122,960 People

The law firm Schubert Jonckheer & Kolbe LLP is investigating transportation and logistics firm WEL Companies, Inc., following a data breach that compromised the sensitive personal information of 122,960 people. The breach, which exposed names, Social Security...

Patch Now: Microsoft Fixes Actively Exploited Windows Kernel Zero-Day

Update:The actively exploited Windows Kernel zero-day, CVE-2025-62215, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, underscoring its critical threat level and the urgent need for patching. Microsoft also clarified that while exploitation is...