PhishingAndroid, iOS Phishing Attacks Use Lucid PhaaS PlatformChinese cybercrime group XinXin used the Lucid PhaaS platform to target 169 organizations.
MalwareCISA: Fixed Ivanti Bug Used by Novel RESURGE MalwareCISA warned that unpatched Ivanti Connect Secure instances were vulnerable to RESURGE malware attacks.
PhishingMailchimp Phishing Exposes Have I Been Pwned SubscribersHave I Been Pwned had nearly 16,000 records stolen after a successful phishing attack against HIBP admin Troy Hunt.
RansomwareNewly Emergent VanHelsing RaaS Operations Targets Various PlatformsVanHelsing RaaS targets Windows, Linux, ARM, BSD, and ESXi platforms
BreachFake Semrush Ads Aim To Pilfer Google CredentialsBrazilian threat actors aim to compromise Google accounts.
BreachAttacks Involving ServiceNow Flaws EscalateIsrael was the leading target, followed by Germany, Japan, and Lithuania.
BreachDollyWay Campaign Compromises Thousands of WordPress SitesThe DollyWay campaign has hit more than 20,000 WordPress sites since 2016.
PhishingAI Drives Surge in Browser-Based Phishing AttacksBrowser-based phishing attacks are surging thanks to AI.
