Issue #167 - September 15, 2025
- Weekly INK
- Sep 14, 2025
- 2 min read
689,000 Affected by Insider Breach at FinWise Bank
Source: SecurityWeek
A former FinWise Bank employee accessed sensitive data linked to American First Finance customers, affecting 689,000 individuals. Exposed details include names, addresses, and Social Security numbers. The case highlights insider risks and the importance of strong internal access controls and monitoring.
FBI Shares IOCs for Recent Salesforce Intrusion Campaigns
Source: SecurityWeek
The FBI released indicators of compromise tied to attacks exploiting Salesforce cloud environments. Threat actors accessed corporate accounts and stole sensitive data, impacting multiple U.S. businesses. Officials urge organizations to review the IOCs and tighten SaaS platform security monitoring.
Target-Rich Environment: Why Microsoft 365 Has Become the Biggest Risk
Source: BleepingComputer
Microsoft 365 remains the prime target for cybercriminals due to its ubiquity across businesses. Experts warn that credential theft, phishing, and misconfigured cloud settings make the platform a major risk. SMBs must adopt MFA, strict admin controls, and better monitoring to defend against account takeovers.
The Cloud Edge: A New Attack Surface
Source: Dark Reading
As enterprises adopt cloud-edge architectures, attackers gain new opportunities to exploit hybrid networks. Experts warn that cloud-to-edge connectivity expands the attack surface, making consistent security controls vital. Organizations are urged to adopt zero trust, continuous monitoring, and rigorous patch management to reduce exposure.
ShinyHunters Claims 1.5 Billion Stolen Salesforce Records
Source: DataBreachToday
The ShinyHunters cybercrime group claims to have stolen 1.5 billion Salesforce records, including customer data from multiple companies. Investigators caution that data may be resold on dark web markets. The massive scale underscores growing risk in SaaS platforms and supply chain breaches.