Klue customers must review their Salesforce integrations as OAuth tokens have been compromised and a new extortion group claims responsibility for the attack.
A campaign called FortiBleed conducted by Russian-speaking actors has compromised over 86,600 Fortinet FortiGate devices and requires immediate protective measures by affected organizations.
Leaked GitHub tokens at Novo Nordisk demonstrate that secrets management must be properly addressed as an identity problem, not merely as a tooling challenge.
144 npm packages of the Mastra Framework have been infected with an infostealer that steals wallet and browser data during installation, already affecting the heavily-used core package.
Attackers compromised the update mechanisms of three WordPress plugins and distributed malware to over one million users through a supply-chain vulnerability.
Unauthorized administrator activities in isolated environments require defense-in-depth beyond the authentication layer, as compromises of the auth system can remain undetected for decades.
A publicly accessible ServiceNow API endpoint required no authentication under certain conditions, allowing unauthorized access to sensitive enterprise data.
Anthropic is investigating allegations of a data breach following Claude’s outage on June 5, 2026, but has so far only confirmed infrastructure problems and no additional data incidents.