A recent report from Corporation Service Co. (CSC) indicates that a significant number of Global 2000 companies are falling short on domain security. Specifically, 67% of these companies have implemented fewer than half of the recommended security measures for their domains. This lack of adequate protection raises concerns about the vulnerability of these major organizations to cyber threats, such as phishing and domain spoofing. Without proper domain security practices, companies risk their reputation and data integrity, which can lead to financial losses and customer trust issues. The findings serve as a wake-up call for businesses to prioritize their domain security strategies and adopt necessary measures to safeguard their online presence.
A loan phishing scam in Peru is targeting individuals by mimicking legitimate financial institutions. Attackers create fake applications that trick users into providing sensitive information, including credit card details and personal identification numbers (PINs). This scam has raised concerns as it exploits the growing demand for loans, especially among those seeking financial assistance. Victims are at risk of identity theft and financial loss, making it crucial for users to be vigilant about the applications they download and the information they share. Authorities urge the public to verify the authenticity of loan offers and report suspicious activities to prevent further exploitation.
Phishing attacks are becoming more sophisticated and harder to detect, focusing on exploiting human emotions and timing rather than just careless users. Researchers from Flare have revealed that modern phishing tactics have evolved into industrialized operations, making them scalable and more challenging for individuals to recognize. This shift highlights the need for users to be more vigilant and educated about potential scams. Phishing can lead to severe consequences, including financial loss and data breaches, affecting both individuals and organizations. As these tactics grow in complexity, it's crucial for everyone to understand the risks and recognize the signs of phishing attempts.
Ingram Micro, a major technology distributor, experienced a data breach that compromised the personal information of approximately 42,000 individuals. The breach was detected on July 3, 2025, prompting the company to initiate an investigation with cybersecurity experts to assess the extent of the incident. The affected data may include sensitive details, although specifics about what information was accessed have not been disclosed. This incident raises concerns about the security practices in place at Ingram Micro and the potential risks faced by those whose information was exposed. As the investigation continues, affected individuals should remain vigilant for any signs of identity theft or phishing attempts.
Researchers from ReliaQuest have identified a phishing campaign targeting high-profile business executives through LinkedIn messages. The attackers are using an open-source penetration testing tool to craft convincing messages that trick individuals into revealing sensitive information. This campaign is particularly concerning because it targets 'high-value individuals,' making it more likely to succeed against those with access to critical company data. Companies need to educate their employees about recognizing phishing attempts and to implement stronger security measures to protect against these types of attacks. With the rise of social engineering tactics like this, vigilance is essential for safeguarding sensitive business information.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Actively Exploited
Researchers from Resecurity have uncovered a new malware called PDFSIDER that takes advantage of the legitimate PDF24 application to steal sensitive data and provide attackers with remote access to compromised systems. This malware is part of a sophisticated campaign targeting corporate networks, utilizing spear-phishing tactics to lure victims and encrypted communications to evade detection. Companies using PDF24 should be particularly vigilant as this attack leverages a trusted application, making it easier for attackers to bypass security measures. The implications are serious, as this could lead to significant data breaches and unauthorized access to sensitive corporate information.
Security experts have uncovered a targeted campaign aimed at U.S. government and policy organizations, utilizing politically charged themes related to the U.S.-Venezuela relationship. Attackers are distributing a backdoor malware known as LOTUSLITE through spear phishing emails that include a ZIP file titled 'US now deciding what's next for Venezuela.zip.' This tactic exploits current geopolitical tensions to lure victims into opening the malicious attachment. The campaign highlights the ongoing risk of politically motivated cyber attacks that can compromise sensitive information and undermine national security. As such, it's crucial for organizations in the affected sectors to enhance their security measures and educate employees about recognizing phishing attempts.
A hacker has claimed responsibility for a significant data breach involving Max Messenger, reportedly extracting 142 GB of compressed data that includes around 15.4 million user records. The exposed information consists of full names, usernames, and phone numbers, which could put many users at risk of identity theft or spam. This incident raises concerns about the security measures in place to protect user data, especially given the large volume of personal information compromised. Users of Max Messenger should be vigilant about potential phishing attempts and consider changing their passwords to enhance their security. The situation also serves as a reminder for companies to prioritize data protection and implement stronger safeguards against unauthorized access.
Central Maine Healthcare experienced a data breach that affected over 145,000 individuals, including patients and current or former employees. The incident took place between March 19 and June 1 of last year, impacting a healthcare system that serves about 400,000 people in the region. This breach raises concerns about the security of personal and medical information, as sensitive data could be exposed to unauthorized individuals. The healthcare sector is often targeted due to the valuable nature of the data they hold, making it crucial for organizations to enhance their cybersecurity measures. Affected individuals should be vigilant about potential identity theft or phishing attempts following the breach.
Hackers are using fake PayPal notifications to trick users into providing their login credentials. These phishing attacks are designed to exploit remote monitoring and management (RMM) tools, which can give attackers remote access to compromised systems. Users who fall for these scams may unknowingly grant hackers the ability to control their devices, posing a significant security risk. This method of attack affects anyone who uses PayPal, especially those who may not be vigilant about verifying the authenticity of such alerts. It's crucial for users to be cautious about unsolicited emails and messages that request personal information or direct them to unfamiliar websites.
A new phishing campaign is targeting employees by exploiting their anxiety around performance reviews. The attackers are sending emails that impersonate management or HR, claiming to discuss performance evaluations scheduled for October 2025 and falsely hinting at potential layoffs. This tactic aims to create urgency and fear, prompting recipients to click on malicious links or download malware. Companies and employees need to be vigilant, as these scams can lead to data breaches or financial loss. The incident highlights the need for better cybersecurity awareness and training, especially during sensitive times like performance review periods.
Scammers are targeting LinkedIn users with a new phishing tactic that involves fake comments appearing as replies to legitimate posts. These comments, which resemble official LinkedIn notifications, falsely warn users about policy violations and encourage them to click on malicious external links. Some attackers are even using LinkedIn's own lnkd.in URL shortener, making it more difficult for users to recognize these attempts as scams. This tactic is particularly concerning as it exploits the trust users have in the platform, potentially compromising personal and professional information. LinkedIn users should be cautious and verify the authenticity of comments before clicking on any links.
A recent report from the World Economic Forum (WEF) reveals that cyber fraud has surpassed ransomware as the primary concern for CEOs by 2026. While ransomware attacks have long been a major worry for Chief Information Security Officers (CISOs), the shift in focus to cyber fraud indicates a growing recognition of the risks posed by fraudulent activities online. Cyber fraud can include a range of threats such as identity theft, phishing scams, and financial fraud, which can have severe implications for businesses and their customers. This change in priority suggests that companies may need to reassess their security strategies to better protect against these evolving threats. As cyber fraud continues to rise, it is crucial for organizations to remain vigilant and proactive in their cybersecurity measures.
Hackers have started using a new technique called the browser-in-the-browser (BitB) method to steal Facebook login credentials. This method creates a fake Facebook login window that appears to be part of the user's browser, tricking them into entering their username and password. Over the past six months, this tactic has gained traction among cybercriminals, making it easier for them to capture sensitive information. Users are at risk, especially if they are not aware of this deception. It's crucial for Facebook users to be vigilant and ensure they are logging in through the official website or app to avoid falling victim to these scams.
APT28, a Russian cyber espionage group, has been observed targeting entities involved in energy research and defense collaboration. The group has employed tactics that involve impersonating well-known webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals, to deceive users into revealing sensitive information. This attack is significant as it aims to infiltrate organizations that play a critical role in energy security and defense, potentially leading to the theft of valuable research and intelligence. The ongoing nature of these attacks poses a serious risk to national security and the integrity of the affected sectors, highlighting the need for organizations to enhance their cybersecurity measures. Users should be cautious and verify the authenticity of services before entering any sensitive information.