A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform.
June 5, 2025
Daily Edition
Today’s news and insights for cybersecurity professionals
- Today's News and Features -
TOP STORY
Feed image
Vishing Crew Targets Salesforce Data‎‎‎
A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform.‎‎‎
Feed image
Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data‎‎‎
Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach.‎‎‎
Feed image
Researchers Bypass Deepfake Detection With Replay Attacks‎‎‎
An international group of researchers found that simply rerecording deepfake audio with natural acoustics in the background allows it to bypass detection models at a higher-than-expected rate.‎‎‎
Feed image
35K Solar Devices Vulnerable to Potential Hijacking‎‎‎
A little more than three-quarters of these exposed devices are located in Europe, followed by Asia, with 17%.‎‎‎
DR GLOBAL
Feed image
Iranian APT 'BladedFeline' Hides in Network for 8 Years‎
ESET published research on the Iranian APT "BladedFeline," which researchers believe is a subgroup of the cyber-espionage entity APT34.‎
DR GLOBAL
Feed image
Cybersecurity Training in Africa Aims to Bolster Professionals' Ranks‎
The United Nations, Carnegie Mellon University, and private organizations are all aiming to train the next generation of cybersecurity experts, boost economies, and disrupt pipelines to armed groups.‎
THE EDGE
Feed image
How to Approach Security in the Era of AI Agents‎
Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.‎
DR TECHNOLOGY
Feed image
From Code Red to Rust: Microsoft's Security Journey‎
At this year's Build developer conference, Microsoft reflected on what the company learned about securing features and writing secure code in the early 2000s.‎
VIRTUAL EVENT
Strategic Security for the Modern Enterprise
Zero trust and secure access service edge (SASE) approaches to securing networks are all the rage, so how do you harness them to fortify your environment? In this virtual event on June 26, we’ll explore these security strategies as well as next-generation threat detection that employs valuable data analytics.
SPONSORED ARTICLE
Feed image
Emphasize Security, Compliance in Cloud Migrations‎‎‎
Failing to consider security and compliance when migrating to the cloud may increase your risk of falling victim to a data breach.‎‎‎
- Commentary -
Opinions from thought leaders around the cybersecurity industry
Feed image
How Neuroscience Can Help Us Battle 'Alert Fatigue'‎‎‎
By understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only their digital assets but also the well-being of those who defend them.‎‎‎
Feed image
Beware of Device Code Phishing‎‎‎
Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and slipping undetected into corporate networks.‎‎‎
- Upcoming Events -
Jun 19, 2025
Jun 26, 2025
- More Resources -
WHITE PAPER
WHITE PAPER
WHITE PAPER
REPORT
- Elsewhere in Cyber Today -
SOPHOS
MALWAREBYTES
CYBERSECURITY DIVE
- Do You Find Today’s Newsletter Helpful? -
Yes
Not sure
No
You received this message because you are subscribed to Dark Reading's Daily newsletter.
If a friend forwarded you this message, sign up here to get it in your inbox. Thoughts about this newsletter? Give us feedback.
Copyright © 2025 TechTarget, Inc. or its subsidiaries. All rights reserved.
Operated by TechTarget, Inc. and its subsidiaries,
275 Grove Street, Newton, Massachusetts, 02466 US