- Security News
- 0ktapus phishing campaign: Twilio hackers targeted other 136 organizations [Pierluigi Paganini, Security Affairs]
- Phishing attacks abusing SaaS platforms see a massive 1,100% growth [Bill Toulas, Bleeping Computer]
- Hybrid Vishing Attacks Soar 625% in Q2 [Phil Muncaster, Infosecurity Magazine]
- PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks [Ravie Lakshmanan, The Hacker News]
- DoorDash Confirms Data Breach that Exposed Customers’ Information [Princess Scott, iTECKPOST]
- CEOs beware: senior executives targeted in complex Office 365 attack [Ryan Morrison, Tech Monito]
- Malware
- A malware that hijacks ADFS to log in as anyone in Windows has been discovered [Angad Singh, Inside]
- BlackByte is Back and Acting a Lot Like LockBit [Teri Robinson, Security Boulevard]
- New Golang Ransomware Agenda Customizes Attacks [Mohamed Fahmy, Thrend Micro]
- Fake Chrome extension ‘Internet Download Manager’ has 200,000 installs [Ax Sharma, Bleeping Computer]
- Vulnerabilities and Patches
- Google Patches Chrome’s Fifth Zero-Day of the Year [Elizabeth Montalbano, Threat Post]
- Windows 11 KB5016691 preview update released with 22 changes [Lawrence Abrams, Bleeping Computer]
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras [Nate Nelson, Threat Post]
- LastPass breach: Source code, proprietary tech info stolen [Zeljka Zorz, Help Net Security]
- Critical RCE bug in GitLab patched, update ASAP! [Zeljka Zorz, Help Net Security]
- Palo Alto warns of firewall vulnerability used in DDoS attack on service provider [Jonathan Greig, The Record]
- Privilege Escalation Flaw Haunts VMware Tools [SecurityWeek News, SecurityWeek News]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F