🛑 Gainsight just revealed more customers were affected than originally disclosed.

Salesforce revoked all Gainsight access tokens after the breach tied to ShinyHunters — and the same user-agent from prior Salesloft attacks popped up again.

The full scope remains unknown.

Read here → https://thehackernews.com/2025/11/gainsight-expands-impacted-customer.html

🚨 New ThreatsDay Bulletin is live!

🤖 AI malware that learns your habits
📞 Voice bots turned into attack tools
💸 Crypto rings laundering billions
🔌 IoT gear under siege again
🌍 Smishing scams spreading worldwide

All that and 20+ more stories shaping the week in cybersecurity.

🔗 Read now: https://thehackernews.com/2025/11/threatsday-bulletin-ai-malware-voice.html

Microsoft will block all non-Microsoft scripts on Entra ID logins starting Oct 2026.

If your sign-in flow or browser extension injects any code, it may break — so test ASAP.

The new Content Security Policy only lets trusted Microsoft-hosted scripts.

Read more → https://thehackernews.com/2025/11/microsoft-to-block-unauthorized-scripts.html

Hackers posing as Kyrgyzstan’s Justice Ministry are spreading 2013-era NetSupport RAT across Kyrgyzstan and Uzbekistan using fake PDFs and old Java tricks—blocking outsiders to hide the attack.

Old tools. New victims. → https://thehackernews.com/2025/11/bloody-wolf-expands-java-based.html