2FA phishing
-
Trend Micro: SORVEPOTEL self‑propagating malware spreads via WhatsApp, hits Brazil hard
Trend Micro researchers said a self‑propagating malware campaign called SORVEPOTEL is spreading via WhatsApp and email to Windows desktops, concentrating in Brazil; it propagates through malicious ZIP attachments and PowerShell, aims for rapid spread rather than data theft, and has led to mass spam and account suspensions.
-
Renault and Dacia inform UK customers of data exposure after third‑party breach
Renault and Dacia told UK customers that personal data held by a third‑party provider was taken in a cyberattack, exposing names, contact details and vehicle identifiers; Renault said banking data was not exposed and declined to name the supplier or say how many customers were affected.
-
Confucius-linked phishing in Pakistan used WooperStealer and Anondoor, researchers say
Researchers say the Confucius hacking group targeted Pakistani users with phishing lures that delivered WooperStealer and, in later attacks, a Python backdoor called Anondoor; Fortinet and K7 Security Labs described the techniques and capabilities but did not disclose victim counts.
-
US Air Force investigating ‘privacy-related issue’ after alleged SharePoint notice
The Department of the Air Force is investigating a “privacy-related issue” after an alleged notice said USAF SharePoint permissions exposed PII and PHI and that SharePoint, Teams and Power BI might be blocked; officials have provided limited confirmation and Microsoft declined to comment.
-
Phishing campaign impersonates Ukrainian police to deliver data stealer and cryptominer
FortiGuard Labs reported a fileless phishing campaign impersonating Ukraine’s National Police that uses malicious SVG attachments to deliver Amatera Stealer and PureMiner, harvesting credentials and installing a cryptominer on Windows systems.
-
Archer Health data breach exposes 145,000 patient records in publicly accessible database
A California-based in-home health provider, Archer Health Inc., left a 23 GB cache of medical and personal data publicly accessible, exposing more than 145,000 files including patient names, SSNs and medical histories. The database was secured within hours after a cybersecurity researcher alerted investigators, and the company says it is investigating the incident, which underscores…
-
Vietnamese hackers use fake copyright notices to steal cryptocurrency, researchers say
A Vietnamese hacking group known as Lone None has launched a multi-language scam to steal personal and financial data, with a focus on cryptocurrency, using fake copyright takedown notices and malware delivered through DLL side-loading, according to Cofense Intelligence.
-
FBI Warns of Fake IC3 Websites Designed to Steal Personal Data
The FBI warning highlights that criminals are creating spoofed IC3 websites to harvest personal data, noting more than 100 impersonation reports since late 2023 and urging direct access to IC3.gov and vigilance against look-alike domains and scam communications.
-
Iranian-linked hackers expand European operations with fake job portals and new malware, researchers say
Security researchers say Iranian government-backed attackers are targeting Western Europe with fake job portals and new Minibike malware, including MiniJunk and MiniBrowse, delivered through a multi-stage DLL sideloading chain. The operation focuses on Denmark, Portugal, and Sweden and appears linked to broader Iran-aligned threat activity.
-
Stellantis confirms data breach via third-party provider exposing customer emails
Stellantis disclosed that attackers breached a North American third-party customer-service partner, exposing only customer names and email addresses. The company launched an investigation, notified law enforcement, and urged affected customers to watch for phishing, as the auto maker navigates broader industry disruption linked to a separate JLR cyberattack.
