Daily Security Briefing 010
- DjediTech
- Security , Newsletter
- September 14, 2025
Table of Contents
September 14, 2025 | Read Online
FBI alerts on Salesforce data theft, VoidProxy phishing targets Microsoft 365/Google, Upcoming cybersecurity talks announced
Executive Summary
Today’s cybersecurity landscape is marked by heightened activity from sophisticated threat actors targeting critical cloud services. The FBI has issued urgent warnings about hackers exploiting Salesforce environments to steal sensitive data and extort organizations. Meanwhile, a new phishing-as-a-service platform named VoidProxy is actively targeting Microsoft 365 and Google accounts, including those secured by advanced single sign-on providers. These developments underscore the ongoing risks to cloud identity and data security. In parallel, efforts to foster cybersecurity awareness continue with upcoming speaking engagements from notable experts.
Top Articles
FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
The FBI has issued a FLASH alert about two sophisticated hacking clusters, UNC6040 and UNC6395, compromising Salesforce environments worldwide. These threat actors target organizations to exfiltrate sensitive data and subsequently demand ransom, reflecting a growing trend of cloud application exploitation. Companies using Salesforce are urged to enhance monitoring and tighten security controls immediately.
BleepingComputer
New VoidProxy phishing service targets Microsoft 365, Google accounts
VoidProxy, a newly identified phishing-as-a-service platform, has emerged with the capability to bypass traditional security by targeting Microsoft 365 and Google accounts. The service also compromises those protected by third-party single sign-on systems like Okta, signaling increasing complexity in phishing threats. Security teams should update defenses and educate users to recognize this evolving attack vector.
BleepingComputer
Upcoming Speaking Engagements
Notable cybersecurity expert Bruce Schneier has announced upcoming events where he will speak and sign books, including a Cambridge Public Library event on October 22 and a virtual talk hosted by Data & Society on October 23. These sessions will discuss themes from his latest work, Rewiring Democracy, offering valuable insights into cybersecurity and societal impacts. Details remain forthcoming for additional engagements.
Schneier.com
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.