Fake Calendly Invites Target Ad Managers in New AiTM Campaign
Attackers abuse fake Calendly invites in a new phishing wave that aims at agencies, advertisers, and in-house marketing teams. The campaign impersonates major global brands and uses advanced Attacker-in-the-Middle techniques to capture credentials and session tokens. These tactics enable rapid takeovers of Google Workspace and Facebook Business accounts connected to high-value advertising platforms. Researchers note that the operation continues to
Albiriox Malware Targets 400+ Android Financial Apps
Security researchers warn about the rapid spread of Albiriox malware, a new Android threat built as a malware-as-a-service platform. The campaign focuses on large-scale financial fraud, with operators using the malware to target more than 400 banking, fintech, trading and crypto apps. This model gives even low-skill cybercriminals powerful tools for remote theft and real-time device manipulation. How Albiriox Malware
Dartmouth Data Theft Confirmed in Oracle-Linked Breach
Dartmouth data theft concerns escalated after the college confirmed that attackers stole sensitive employee information through an Oracle system compromise. The incident exposed personal details stored in Oracle’s Human Capital Management environment, which Dartmouth relied on for HR operations. The disclosure adds another victim to a growing list of organizations impacted by the Oracle breach campaign. How Dartmouth Confirmed the
Scattered Lapsus Hunters Target Tech With 40 Malicious Domains
Security researchers uncovered a large phishing operation linked to Scattered Lapsus Hunters, a threat group that registered more than 40 fake domains. These lookalike sites imitate major tech companies and aim to harvest credentials from employees and consumers. The discovery highlights the growing sophistication behind phishing campaigns that exploit brand trust and corporate identity. How the Campaign Works Researchers from
Chrome Malicious Extension Exposed as Part of ClearFake Attack
A new investigation reveals how a Chrome malicious extension disguised as a translation tool infected browsers with injected scripts and aggressive redirects. Researchers identified the extension as CryptoCopilot, which operated as part of the long-running ClearFake malvertising campaign. The incident highlights the growing risk of malicious code entering trusted platforms like the Chrome Web Store. How the Campaign Operated Guardio
GreyNoise IP Scanner Lets Users Check Botnet Exposure
A growing need for simple security tools has pushed GreyNoise Labs to launch a new public scanner that helps users understand how their IP address behaves across the internet. With the GreyNoise IP scanner, anyone can check if their IP appears in datasets linked to botnet activity, mass scanning, or unwanted probing. The tool offers quick insight into possible compromises
OpenAI Breach: Vendor Hack Exposes API Customer Data
A vendor security failure at Mixpanel exposed API customer metadata and pushed OpenAI to reassess its third-party risk controls. The OpenAI breach originated from unauthorized access within Mixpanel’s systems, where attackers extracted analytics data linked to API accounts. OpenAI confirmed that its own infrastructure remained secure, yet the incident demonstrates how external service providers can still create meaningful exposure for
OnSolve CodeRED Cyberattack Hits Emergency Systems
The OnSolve CodeRED cyberattack disrupted emergency alert services across the United States and exposed sensitive user data. CodeRED supports thousands of municipalities, police departments and public-safety agencies. When attackers breached the system, the incident raised serious concerns about the resilience of national emergency-communication infrastructure. Attack Overview Attackers claimed they infiltrated the CodeRED platform on November 1, 2025. They stated they
Malicious Blender Models Deliver Stealc Malware to 3D Artists
Malicious Blender models now threaten 3D artists and developers through weaponized project files that deliver the Stealc infostealer. Attackers use these infected assets to compromise creative pipelines and steal valuable credentials. The campaign shows how threat actors shift toward tools used in digital content creation to reach high-value targets. How the Attack Works Security researchers uncovered infected .blend files that
Iberia data leak exposes supplier-level security weaknesses
Iberia, one of Europe’s largest airlines and the flag carrier of Spain, is dealing with a security incident involving customer information accessed through a compromised vendor system. The Iberia data leak emerged after the supplier reported a breach that exposed limited passenger details, prompting the airline to launch its internal security protocol. The disclosure also revived interest in a separate
