News

The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers

Malwarebytes claims 44% of mobile users are exposed to scams every day

Microsoft has patched two zero days this month, one of which is being exploited in the wild

If you’re an AT&T customer, now’s the time to take action. A previously reported data breach has exposed personal information from millions of accounts—and that data is reportedly up for sale on underground hacking forums.

According to cybersecurity researchers, a database containing up to 86 million AT&T customer records is being sold on Russian cybercrime forums. This leaked info includes sensitive personal details like:

• Full names
• Birthdates
• Phone numbers
• Email addresses
• Physical addresses
• And nearly 44 million Social Security numbers stored in plain text

Yes, you read that right—Social Security numbers stored in plain text. That’s a goldmine for identity thieves.

What Should You Do?

AT&T released the following statement to McAfee, “After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024. Affected customers were notified at that time. We have notified law enforcement of this latest development.” Additonally, AT&T offered credit monitoring and identity theft protection to those customers whose sensitive personal information was compromised as part of the notice in 2024.

However, for extra peace of mind, McAfee recommends the following:

1. Check your credit reports – Look for any unfamiliar accounts or activity. You’re entitled to a free credit report every year from each major bureau at AnnualCreditReport.com.

2. Change your AT&T account password – Especially if you haven’t updated it recently, or if you reuse that password elsewhere.

3. Set up fraud alerts or credit freezes – It’s a smart move to stop scammers from opening new accounts in your name.

4. Monitor for identity theft – Consider using an identity monitoring service that can alert you to suspicious activity across your credit, bank, and public records.

5. Protect your digital life – Consider signing up for a McAfee+ protection plan. You’ll get automatic scam alerts, security for unlimited devices, and 24/7 identity monitoring—plus up to $2 million in identity theft coverage and recovery support from U.S.-based experts. McAfee handles the heavy lifting with dark web monitoring and scam prevention, so you can get back to living your life with confidence.

Taking steps now can help keep your identity safe in the long run.

 

 

The post Your Social Security Number Could be for Sale: Old AT&T Data Leak Exposes 44M SSN Numbers appeared first on McAfee Blog.

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.

The sole zero-day flaw this month is CVE-2025-33053, a remote code execution flaw in the Windows implementation of WebDAV — an HTTP extension that lets users remotely manage files and directories on a server. While WebDAV isn’t enabled by default in Windows, its presence in legacy or specialized systems still makes it a relevant target, said Seth Hoyt, senior security engineer at Automox.

Adam Barnett, lead software engineer at Rapid7, said Microsoft’s advisory for CVE-2025-33053 does not mention that the Windows implementation of WebDAV is listed as deprecated since November 2023, which in practical terms means that the WebClient service no longer starts by default.

“The advisory also has attack complexity as low, which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker’s control,” Barnett said. “Exploitation relies on the user clicking a malicious link. It’s not clear how an asset would be immediately vulnerable if the service isn’t running, but all versions of Windows receive a patch, including those released since the deprecation of WebClient, like Server 2025 and Windows 11 24H2.”

Microsoft warns that an “elevation of privilege” vulnerability in the Windows Server Message Block (SMB) client (CVE-2025-33073) is likely to be exploited, given that proof-of-concept code for this bug is now public. CVE-2025-33073 has a CVSS risk score of 8.8 (out of 10), and exploitation of the flaw leads to the attacker gaining “SYSTEM” level control over a vulnerable PC.

“What makes this especially dangerous is that no further user interaction is required after the initial connection—something attackers can often trigger without the user realizing it,” said Alex Vovk, co-founder and CEO of Action1. “Given the high privilege level and ease of exploitation, this flaw poses a significant risk to Windows environments. The scope of affected systems is extensive, as SMB is a core Windows protocol used for file and printer sharing and inter-process communication.”

Beyond these highlights, 10 of the vulnerabilities fixed this month were rated “critical” by Microsoft, including eight remote code execution flaws.

Notably absent from this month’s patch batch is a fix for a newly discovered weakness in Windows Server 2025 that allows attackers to act with the privileges of any user in Active Directory. The bug, dubbed “BadSuccessor,” was publicly disclosed by researchers at Akamai on May 21, and several public proof-of-concepts are now available. Tenable’s Satnam Narang said organizations that have at least one Windows Server 2025 domain controller should review permissions for principals and limit those permissions as much as possible.

Adobe has released updates for Acrobat Reader and six other products addressing at least 259 vulnerabilities, most of them in an update for Experience Manager. Mozilla Firefox and Google Chrome both recently released security updates that require a restart of the browser to take effect. The latest Chrome update fixes two zero-day exploits in the browser (CVE-2025-5419 and CVE-2025-4664).

For a detailed breakdown on the individual security updates released by Microsoft today, check out the Patch Tuesday roundup from the SANS Internet Storm Center. Action 1 has a breakdown of patches from Microsoft and a raft of other software vendors releasing fixes this month. As always, please back up your system and/or data before patching, and feel free to drop a note in the comments if you run into any problems applying these updates.

Android Enterprise has introduced features for mobile security, device management and user productivity in its latest update

A ransomware attack on Mastery Schools, Philadelphia, has compromised personal information of 37,031 individuals, exposing sensitive data

The financial sector was the industry most targeted by distributed denial-of-service (DDoS) attacks in 2024, with a peak in October

SentinelOne revealed details of two new intrusion attempts by China-nexus actors

UNFI says it is investigating unauthorized network activity, and that some operations are affected