Third-party breach hits Framework Computer U.S. modular laptop manufacturer Framework Computer had information from an undisclosed number of customers compromised following a successful phishing attack against its third-party accounting service provider Keating Consulting Group, according to BleepingComputer.
BleepingComputer reports that major organizations are having their employees targeted by new phishing attacks exploiting messages concerning annual Human Resources department tasks to facilitate credential exfiltration activities.
Numerous phishing attacks have been launched by the Water Curupira operation to deploy the PikaBot loader malware as part of campaigns that initially ran from early to mid-2023 before reemerging in September, The Hacker News reports.
Hacked YouTube channels leveraged for Lumma Stealer distribution Several YouTube channels have been compromised to enable the distribution of the Lumma Stealer information-stealing malware via videos purporting to share cracked versions of legitimate software, reports Hackread.
BleepingComputer reports that Netgear and Hyundai Middle East & Africa had their official accounts on X, formerly Twitter, compromised to facilitate the distribution of cryptocurrency wallet drainer malware.
Ukraine has been targeted by the UAC-0050 threat operation with more advanced phishing attacks spreading the Remcos RAT surveillance tool, which involved the use of a pipe technique for interprocess communication in a bid to better bypass security system detection, according to The Hacker News.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.