Vendors
-
Microsoft to block unauthorized scripts on Entra ID sign-ins with CSP update
Microsoft will change the Content Security Policy for browser-based Entra ID sign-ins at login.microsoftonline.com to block unauthorized scripts and allow only trusted Microsoft domains, with a global rollout beginning mid-to-late October 2026; organisations are asked to test sign-in flows and avoid tools that inject code.
-
OpenAI notifies some API customers after Mixpanel analytics vendor hacked
OpenAI said some ChatGPT API customers had limited identifying information exposed after a smishing-driven compromise of analytics vendor Mixpanel; no chats, API requests, credentials or payment data were exposed and both companies have taken mitigation steps while investigations continue.
-
Gainsight says more customers affected as Salesforce revokes Gainsight-linked access tokens
Gainsight said suspicious activity tied to its applications affected more customers than initially reported and that Salesforce revoked related access tokens; the intrusion has been claimed by ShinyHunters while investigators and vendors take containment steps.
-
Qilin ransomware deployed in supply-chain attack hits South Korean financial firms
Security researchers say a supply‑chain compromise of a managed service provider enabled Qilin ransomware to hit multiple South Korean financial firms in September 2025, stealing more than 1 million files and about 2 TB of data in a campaign researchers call “Korean Leaks.”
-
ASUS issues firmware updates to fix critical AiCloud authentication bypass
ASUS has issued firmware updates to fix nine vulnerabilities, including a critical authentication bypass (CVE-2025-59366) in routers with AiCloud enabled, and advised users to update firmware or apply mitigations for end-of-life devices.
-
Firefox patch fixes high-severity WebAssembly bug that lingered for six months
AISLE disclosed a high-severity WebAssembly boundary error in Firefox (CVE-2025-13016) that allowed memory corruption and could enable arbitrary code execution; Mozilla released a patch in Firefox 145 and ESR 140.5 after rapid confirmation and remediation.
-
Major US banks review exposure after SitusAMC data breach
SitusAMC, a mortgage services vendor, said attackers accessed its systems in a breach discovered Nov. 12 and confirmed Nov. 22; major banks including JPMorgan, Citi and Morgan Stanley are reviewing potential customer data exposure while the FBI and the company continue an investigation.
-
Grafana patches CVSS 10.0 SCIM flaw that could allow impersonation
Grafana released updates to fix CVE-2025-41115, a CVSS 10.0 vulnerability in its SCIM provisioning component that could allow privilege escalation or user impersonation when specific configuration options are enabled; affected Enterprise versions and fixed releases were listed and users are urged to apply patches.
-
SEC asks court to dismiss lawsuit against SolarWinds and its CISO
The SEC moved to voluntarily dismiss its enforcement action against SolarWinds and CISO Timothy G. Brown on Nov. 20, 2025. The agency had accused the company of overstating cybersecurity practices and failing to disclose risks related to the 2020 supply‑chain compromise, but many allegations were previously dismissed by a federal court.
-
Salesforce revokes Gainsight app tokens after suspected unauthorized access
Salesforce revoked access tokens and removed Gainsight-published applications from the AppExchange after detecting activity that may have allowed unauthorised access to some customers’ data; investigations attribute the campaign to actors linked to the ShinyHunters group.
