Npav Lab - Page 19

Zscaler Salesforce Breach 2025: UNC6395 Exploits OAuth Tokens in Largest SaaS Attack

Posted: September 02, 2025

Categories: Cyber Attack, Data Backup

Tags: fp-3b, fp-3a, fp-1b, fp-1a

Author: Npav Lab

In August 2025, Zscaler disclosed a major Salesforce breach involving OAuth token compromise by threat group UNC6395, impacting over 700 companies worldwide. Learn how to protect your SaaS environment.

Cybersecurity Alert: 8 Malicious NPM Packages Target Windows Chrome Users

Posted: September 01, 2025

Categories: Google, Windows

Tags: fp-6d, fp-6a

Author: Npav Lab

Researchers found 8 malicious NPM packages targeting Windows Chrome users with obfuscated code to steal passwords, credit cards, and crypto wallets. Learn more.

Sangoma FreePBX Authentication Bypass Vulnerability Risks Remote Code Execution

Posted: September 01, 2025

Categories: vulnerability

Tags: fp-1b

Author: Npav Lab

Learn about the critical Sangoma FreePBX authentication bypass vulnerability that risks remote code execution and how to protect your system.

Sindoor Dropper Malware Targets Linux Systems Using Weaponized .desktop Files

Posted: September 01, 2025

Categories: Malware Alerts

Tags: fp-6e, fp-4b, fp-3b, fp-3a

Author: Npav Lab

Discover how Sindoor Dropper malware uses weaponized .desktop files to infect Linux systems via spear-phishing and deploys MeshAgent RAT.

AI-Generated Ransomware Evades Antivirus Detection: New Cybersecurity Threat in 2025

Posted: September 01, 2025

Categories: Ransomware, AI

Tags: fp-3b, fp-3a, fp-1b

Author: Npav Lab

Discover how AI-generated ransomware bypasses antivirus software, posing new cybersecurity risks in 2025 and challenging traditional defenses.

TamperedChef Malware Disguised as AppSuite PDF Editor Steals Sensitive Data

Posted: August 28, 2025

Categories: Malware Alerts, Data Breach, AI

Tags: fp-3b, fp-3a, fp-1a

Author: Npav Lab

Discover how the TamperedChef malware uses a fake PDF editor to steal login credentials and sensitive data in a widespread 2025 cyberattack.

PromptLock: The First AI-Powered Ransomware Discovered Using OpenAI's gpt-oss:20b Model

Posted: August 28, 2025

Categories: Ransomware, AI

Tags: fp-4c, fp-4b, fp-4a, fp-3b, fp-3a, fp-1b

Author: Npav Lab

Discover PromptLock, the first AI-powered ransomware using OpenAI's gpt-oss:20b model, enabling sophisticated attacks across multiple platforms.

Underground Ransomware Gang: Evolving Tactics Threaten Global Organizations in 2024

Posted: August 28, 2025

Categories: Ransomware

Tags: fp-3b, fp-3a, fp-1b, fp-1a

Author: Npav Lab

Explore how the Underground ransomware gang is enhancing tactics against global organizations, using advanced encryption and targeted attacks.

Salesloft OAuth Breach: How Hackers Exposed Salesforce Customer Data via Drift AI Chat Agent

Posted: August 28, 2025

Categories: Cyber Attack, Data Breach, AI

Tags: fp-3b, fp-2a, fp-1b

Author: Npav Lab

Discover how the Salesloft OAuth breach compromised Salesforce customer data through the Drift AI chat agent, affecting over 700 organizations.

Fake Loan Apps Resurface in India: Global Network Under Investigation

Posted: August 27, 2025

Categories: Android Security, Financial fraud, Fraud Protector, Mobile Frauds

Tags: fp-2e, fp-2d, fp-2c, fp-2b, fp-2a, fp-1a

Author: Npav Lab

Discover how fake loan apps in India are trapping users in harassment and blackmail. Learn about the global network behind these predatory practices and the ongoing regulatory challenges.