Email security

Hackread reports that the U.S. has gained custody of Ghanaians Isaac Oduro Boateng, Inusah Ahmed, and Derrick Van Yeboah, who were allegedly involved in an extensive cyber fraud scheme that has led to more than $100 million in losses.

The group sent emails from purported job seekers with a malicious archive attached.

The malware brute forces WordPress sites to upload and spread the trojan.

Threat actors could compromise Google Gemini for Workspace instances with the Google Calendar invite with the new Targeted Promptware attack involving indirect prompt injection, reports Hackread.

The vulnerability could impact the identity integrity of an organization’s Exchange Online service.

Hackread reports that Microsoft 365 users have been subjected to a novel phishing campaign that exploits Discord CDN links to facilitate the distribution of the Atera and Splashtop remote monitoring management tools under the guise of a fake OneDrive attachment.

Time to recognize that third-party compromises are at the heart of the most damaging cyberattacks.