If you’ve worked with Kali Linux for a while, you know how much time can disappear into scanning, enumerating, and re-checking the same things. Anyone who’s spent hours fine-tuning Nmap scripts or digging through scan reports understands how repetitive some parts of penetration testing can get. That’s where Gemini CLI, introduced in Kali Linux 2025.3, quietly changes the game. Unlike another “AI hype” release, Gemini CLI isn’t built to show off artificial intelligence. It’s designed to help real people do real security work faster. It brings Google’s Gemini AI model right into your terminal, acting as a command-line assistant that…
Author: Cyber infos
A funny thing has happened in cybersecurity over the last decade: the battlefield has shifted. Once upon a time, email was enemy number one. Firewalls and antivirus were the front-line defenses. But as businesses moved their lives into SaaS platforms and cloud apps, the browser quietly became the new frontline — and attackers know it. If your employees are in Salesforce, Slack, Jira, Google Workspace, or any of the hundreds of other web apps businesses depend on, then the browser is where the action is. And it’s also where attackers are landing their punches. So, what exactly is a “browser-based…
Artificial intelligence is everywhere these days. It’s making medical predictions, detecting fraud, filtering job applications, and powering the chatbots we interact with daily. But here’s the uncomfortable truth: most AI systems aren’t built with security in mind. They can be tricked, poisoned, or misused in ways that traditional cybersecurity tools don’t even begin to cover. That gap is exactly what the new Red AI Range (RAR) is trying to close. It’s an open-source platform built to let security teams stress test AI models the same way we’ve been red teaming networks and applications for years. Think of it as a…
Cybersecurity firm Tenable has confirmed that it experienced a data breach, and while the amount of information exposed may look limited on the surface, the situation still raises important questions. If a company that builds tools to protect others from attacks can get hit itself, what does that say about the rest of us? The incident, which Tenable has publicly acknowledged, involved unauthorized access to part of its Salesforce environment. Attackers were able to view customer contact details and information from support cases. No passwords, payment data, or highly sensitive business files appear to have been stolen, but that doesn’t…
In a troubling new twist in the world of supply chain cyberattacks, cybersecurity giant Palo Alto Networks has confirmed that attackers breached its internal Salesforce environment by exploiting a third-party integration — specifically, a compromised link between Salesloft and its Drift application. The breach, which took place earlier in August, allowed threat actors to siphon off business contact details, sales account data, and internal case records. While the company insists that no core products or services were affected, the incident has raised fresh concerns over the security of interconnected SaaS platforms. “We immediately disconnected the vendor and launched a full…
In a developing story with global implications, Google has issued an urgent security warning to its 2.5 billion Gmail users following a June breach of a Salesforce instance tied to the company. Security teams confirm the threat group ShinyHunters (UNC6040) gained unauthorized access to a corporate Salesforce instance, exposing business contact data that could fuel large-scale phishing and vishing campaigns. Who’s Affected? Google says core consumer services like Gmail and Google Drive were not directly breached and that no passwords or financial information were exposed. The compromised Salesforce records contained business contact information, emails, and sales notes for small and…