FBI warns of new Salesforce attacks
The FBI has issued a FLASH warning about Salesforce compromises linked to UNC6040 and UNC6395, urging companies to tighten defenses and report suspicious activity.
Security
Perplexity Comet security flaw shows AI browsers are easily hijacked
Brave researchers disclosed a vulnerability in Perplexity’s Comet AI browser that lets hidden prompt injections hijack user sessions. The attack shows why agentic AI browsing needs new security models.
Plex users urged to update Media Server after security flaw exposed
Plex has patched a security issue affecting recent versions of its Media Server and is urging users to update immediately.
Wyze Duo Cam Pan delivers dual-lens 2K security for under $70
The Wyze Duo Cam Pan offers two 2K lenses, pan-and-tilt tracking, and full smart home integration for just $69.98.
LastPass launches SaaS Protect to fight Shadow AI and app chaos
LastPass is stepping deeper into SaaS governance with SaaS Protect, a new feature launched at Black Hat 2025. The tool helps businesses fight Shadow AI, credential misuse, and SaaS sprawl.
Mozilla warns developers of phishing campaign
Mozilla is alerting add-on developers about a phishing campaign targeting AMO accounts with fake emails. Here’s how to protect yourself.
Norton brings deepfake scam detection to mobile devices with AI-powered Genie
Norton adds AI-powered deepfake protection to its Genie Assistant for mobile, helping users detect fake voices and videos with simple tools.
Proton Authenticator brings secure and private 2FA to Linux, Windows, Mac, and mobile for free
Proton Authenticator is a free, open-source 2FA app for desktop and mobile with encrypted sync, offline support, and full cross-platform flexibility.
Dropbox Passwords is shutting down and users need to act fast
Dropbox Passwords is being discontinued, and your saved logins will be deleted if you don’t act before October 28.
ExpressVPN leaked real IP addresses on Windows — can users still trust it?
ExpressVPN has patched a privacy issue in its Windows app that leaked certain traffic outside the VPN tunnel. Here’s what happened and why you should update.
BigONE confirms $27 million crypto theft but promises full reimbursement to users
Crypto exchange BigONE has lost $27 million in a hot wallet hack but says users will be fully reimbursed using internal reserves.
1Password’s new AWS tool helps companies lock down rogue AI agents and shadow SaaS apps
1Password launches MCP Server for Trelica on AWS Marketplace to help companies control AI agents and shadow IT. Here’s why it matters.