In a troubling new twist in the world of supply chain cyberattacks, cybersecurity giant Palo Alto Networks has confirmed that attackers breached its internal Salesforce environment by exploiting a third-party integration — specifically, a compromised link between Salesloft and its Drift application. The breach, which took place earlier in August, allowed threat actors to siphon off business contact details, sales account data, and internal case records. While the company insists that no core products or services were affected, the incident has raised fresh concerns over the security of interconnected SaaS platforms. “We immediately disconnected the vendor and launched a full…
Author: V Diwahar
V Diwahar
V Diwahar is a final-year B.E Cybersecurity student, independent security researcher, and founder of CyberInfos.in an - global cybersecurity analysis blog delivering technical depth, expert threat intelligence, and actionable security guidance to readers across the US, UK, Europe, Asia, and beyond. With hands-on academic and practical experience in ethical hacking, network security, malware analysis, penetration testing, vulnerability research, and digital forensics, I brings a practitioner's perspective to every article going beyond headlines to analyse what vulnerabilities and breaches actually mean, who is genuinely at risk, and what every reader should do about it right now. Every article published on CyberInfos.in is built on verified technical research CVE details cross-referenced with nvd.nist.gov, attack mechanics explained using real tools and lab environments, and expert analysis that challenges official statements when the evidence demands it. I founded CyberInfos.in with a single mission: to fill the gap between generic press-release rewrites and inaccessible technical papers delivering cybersecurity analysis that is deep enough for security professionals, clear enough for business owners, and actionable enough for everyone.
In a developing story with global implications, Google has issued an urgent security warning to its 2.5 billion Gmail users following a June breach of a Salesforce instance tied to the company. Security teams confirm the threat group ShinyHunters (UNC6040) gained unauthorized access to a corporate Salesforce instance, exposing business contact data that could fuel large-scale phishing and vishing campaigns. Who’s Affected? Google says core consumer services like Gmail and Google Drive were not directly breached and that no passwords or financial information were exposed. The compromised Salesforce records contained business contact information, emails, and sales notes for small and…
Let’s talk about something most of us ignore until it’s too late: the quiet software running behind the scenes—like the Lenovo Protection Driver. I get it, the name alone sounds as thrilling as reading a parking meter manual. But what if I told you a tiny bug in this “boring” bit of code could let attackers worm their way into your computer and do almost anything they want? If your Lenovo laptop or desktop helps you get through school or work, or is just your digital sidekick for daily life, hang with me for a few minutes—you’ll want to know…
In April 2025, a major incident shook the healthcare world — the Esse Health data breach. It exposed the sensitive details of over 263,000 patients, sparking concern across the industry. Cybercriminals targeted Esse Health, a trusted Missouri-based healthcare provider, compromising data many of us consider sacred. This wasn’t just another headline. It’s a reminder of how fragile our personal health information really is, even when we trust professionals with it. What Happened in the Esse Health Data Breach? Initial Discovery of the Breach The breach was discovered on April 21, 2025, when suspicious network activity raised alarms. Esse Health acted…
Cyber threats are no longer just a concern for tech companies or government offices. In June 2025, the International Criminal Court (ICC) faced a ICC cyber attack that exposed the growing risks to global justice systems. This incident wasn’t just a breach—it was a clear signal to the world that even the highest legal institutions are vulnerable. In this article, we’ll break down what happened, why it matters, and what must be done next to prevent such attacks in the future. What Happened at the ICC? The cyber attack was detected in late June 2025. The cybersecurity team quickly noticed unusual…
If you’ve been relying on Microsoft Authenticator to store and autofill your passwords, there’s a big change coming that you really need to know about. Microsoft is officially phasing out password management from its Authenticator app, starting with the removal of the autofill feature in July 2025, and completely ending password access in August 2025. While this might feel like one more tech inconvenience in a world already full of them, it’s actually part of a broader, more secure shift toward a passwordless future. But before we dive into what that future looks like,In this post let’s break down what’s…