Push Security
-
Phishing campaign targets TikTok for Business accounts with bot-blocking pages
A phishing campaign is targeting TikTok for Business accounts with bot-blocking pages that redirect through Google Storage and use a Cloudflare Turnstile check, then present fake login pages designed to capture credentials and session cookies.
-
Calendly-themed phishing campaign spoofs top brands to hijack ad manager accounts
Security researchers found a targeted phishing campaign using fake Calendly invites and brand impersonation to steal Google Workspace and Facebook business credentials and seize advertising manager accounts for malvertising and other attacks.
