Find below interesting blogs on third party risk management
Date of Incident: 2025-05 Overview: In May 2025, Stellantis experienced a data breach involving unauthorized access to a third-party Salesforce platform used for customer service operations in North America. Attackers stole over 18 million records containing customer contact information, including names and contact details. No financial or sensitive personal information was compromised. The breach was… Read More »Stellantis Salesforce Data Breach
The final week of August was marked by an unprecedented intersection of SaaS, supply chain, and state infrastructure attacks. Standout incidents included the highly technical s1ngularity AI-assisted supply chain compromise of Nx, the widespread theft of Salesforce and Google data via the Salesloft Drift OAuth breach, and ransomware that brought Nevada’s government services to a… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 09 Sep – 15 Sep, 2025
September 2025 has exposed the catastrophic vulnerability of supply chain ecosystems and education infrastructure, with over 71.5 million individuals affected across eight major cybersecurity incidents. The reporting period demonstrates an unprecedented escalation in nation-state operations orchestrated by UNC6395 (Chinese-linked APT) through sophisticated OAuth token supply chain attacks, while education technology platforms suffered the largest data… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 02 Sep – 08 Sep, 2025
The past week has witnessed a sophisticated escalation in nation-state and organized crime group activities, with over 5 million individuals affected across six major cybersecurity incidents. The reporting period is dominated by supply chain attacks targeting OAuth integrations, advanced ransomware campaigns against critical infrastructure, and coordinated credential harvesting operations orchestrated by the Chinese-linked threat actor… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 26 Aug – 01 Sep, 2025
In another blow to consumer data privacy, European retail giant Auchan has confirmed a data breach that impacted several hundred thousand of its customers. The breach specifically targeted customer loyalty accounts and resulted in the unauthorized exposure of sensitive personal information. >>Outpace Attackers With AI-Based Automated Penetration Testing What Was Exposed? Auchan’s loyalty program, a… Read More »Auchan Data Breach: Loyalty Program Compromise Exposes Customer Information