Gmail MFA
-
Microsoft: Storm-2657 Used Phishing to Redirect University Payrolls via Workday Accounts
Microsoft said a gang known as Storm-2657 has used phishing and adversary-in-the-middle links to steal MFA and compromise university Workday-linked accounts since March 2025, altering payroll configurations to redirect salary payments and spreading further phishing inside and across campuses.
-
France fines Google €325 million and Shein €150 million for cookie violations, CNIL says
France’s CNIL fined Google €325 million and Shein €150 million for cookie-consent violations, ordering compliance within six months, as U.S. authorities push parallel privacy actions and other firms face related penalties.
-
MathWorks reports ransomware breach exposed data of 10,476 individuals
MathWorks disclosed that a ransomware group stole the data of 10,476 individuals after breaching its network in April, prompting outages affecting MFA, SSO, and other services. The company has not named the ransomware operator, and authorities note that a resolution or ransom payment, if any, remains undisclosed.
-
Storm-0501 Debuts Brutal Hybrid Ransomware Attack Chain, Microsoft Warns
Microsoft Threat Intelligence warns Storm-0501 has deployed a brutal hybrid ransomware chain, exploiting hijacked privileged accounts to pivot between on‑prem and cloud, exfiltrate data, delete backups and encrypt remaining cloud resources, pressuring victims to pay or face potential shutdown.
-
Russian Hackers Employ Advanced Social Engineering to Bypass Gmail’s Multi-Factor Authentication
A new campaign by Russian hackers has successfully bypassed Gmail’s multi-factor authentication, targeting academics and critics of Russia through sophisticated social engineering attacks, as reported by Google Threat Intelligence Group.
