Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

Cloud storage payment scam floods inboxes with fake renewals

Over the past few months, a large-scale cloud storage subscription scam campaign has been targeting users worldwide with repeated emails falsely warning recipients that their photos, files, and ...
The Hacker News

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Mandiant reports ShinyHunters-linked vishing attacks abusing MFA and SSO to breach SaaS apps, steal data, and extort ...

Islamic regime targeting dissidents, Israelis in new wave of advanced phishing attacks

A new phishing scheme allows alleged IRGC-affiliated hackers to snap photos from the victim’s device every 5 seconds, record audio in three-second segments, and geolocate the device every two seconds.

'One word' that could mean you're about to lose £300 from bank account

Imagine losing £300 with just a single click. Email scams are evolving, and fraudsters are getting smarter. Are you aware of the subtle signs to watch for?

Major US shipping platform left customer data wide open to hackers

Hackers are targeting global shipping technology to steal cargo worth millions. New cybersecurity threats expose supply chain ...

Your WhatsApp could become safer with stricter controls on unknown messages

WhatsApp has introduced a new lockdown-style “Strict Account Settings” mode to give users stronger protection from unknown ...