Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook's Web Games platform,"

Posted from: Click here for the full article.

留言

發佈留言

此網誌的熱門文章

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. "The Posted from: Click here for the full article .
閱讀更多

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during Posted from: Click here for the full article .
閱讀更多

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to Posted from: Click here for the full article .
閱讀更多