September 2025 – Page 7 – TheCyberThrone

Critical Sitecore Zero-Day Flaw

Introduction On September 3, 2025, a critical zero-day vulnerability (CVE-2025-53690) in the Sitecore Experience Platform sent shockwaves through the enterprise content management community. Exploited in-the-wild, this flaw allowed remote attackers…

PravinKarthik September 4, 2025

Chrome 140 Stable Channel Released

On September 2, 2025, Google officially released Chrome 140 to its stable channel across desktop and mobile platforms including Windows, macOS, Linux, Android, and iOS. This update focuses on improving…

PravinKarthik September 3, 2025

Salesloft Drift Supply Chain Breach Sparked a Wave of Data Exposures

Introduction In late August 2025, a supply chain attack on the Drift integration from Salesloft sent shockwaves through the cybersecurity community. Major players including Cloudflare and Palo Alto Networks found…

PravinKarthik September 3, 2025

Three Major Vulnerabilities Added to CISA’s KEV Catalog

In a critical update for network defenders and security professionals, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added three significant vulnerabilities—CVE-2020-24363, CVE-2025-55177, and CVE-2025-57819—to its Known Exploited Vulnerabilities…

PravinKarthik September 3, 2025

Zscaler and the Salesloft Drift Supply-Chain Breach

In late August 2025, Zscaler, like many organizations, was affected by a wide-reaching supply-chain attack that exploited the integration between Salesloft Drift—an AI-powered sales workflow application—and Salesforce. What Was the…

PravinKarthik September 2, 2025

Security Certifications

Leo and the Fortress of Defense in Depth

Leo, the newly appointed CISO at MSDCorp, was still navigating the treacherous waters of governance and alignment. After stabilizing some early crises, he realized a bigger challenge awaited him: the…

PravinKarthik September 1, 2025