Salesforce emphasized that the attacks stem from user manipulation and not vulnerabilities in its software. (Photo: Ajay Suresh, CC BY 2.0)
A hacking group called the Com breached at least 20 US and European companies’ Salesforce systems by impersonating IT staff, according to a report from Google’s threat intelligence team.
Google and Salesforce emphasized that the attacks stem from manipulation of users, not from vulnerabilities in Salesforce's software.
What happened?
The hackers employed social engineering tactics, including calling employees and pretending to be tech support, to trick them into divulging credentials or installing malicious apps. In some cases, victims didn’t even receive extortion demands until months later.
Retail has been a favorite target lately. Adidas, Victoria’s Secret, and British grocer Co-op Group were all hit by cyberattacks recently. Marks & Spencer is reeling from a ransomware attack in April that may cost it $406 million in profits.
While Google hasn’t tied the Com hacking crew to the above breaches, their methods mirror those of Scattered Spider, another group that got Caesars Entertainment to shell out a $30 million ransom in 2023.
Google urged companies to invest in employee cybersecurity training.