StateScoop reports that officials at the Illinois Department of Healthcare and Family Services disclosed the compromise of information from 933 individuals, 564 of which are state residents, following a February phishing attack.
Threat actors have leveraged counterfeit Cloudflare Turnstile challenges used to check 'humanness' to facilitate clandestine malware compromise as part of a new ClickFix-style campaign, SecurityWeek reports.
Almost 20 retail, education, and hospitality organizations in the Americas and Europe have been breached by the UNC6040 threat group in attacks involving a trojanized version of Salesforce's Data Loader tool since January, The Register reports.
Telegram data targeted by Fastlane-impersonating RubyGems packages BleepingComputer reports that threat actors have launched a supply chain attack involving a pair of RubyGems packages impersonating widely used Fastlane CI/CD plugins to compromise Telegram data.
Ads on gaming and social media sites have been leveraged to redirect users to fake Booking.com websites that spread the AsyncRAT backdoor as part of an attack campaign that commenced in mid-May, reports Cybernews.
Malicious websites impersonating Gitcode and DocuSign have been used to facilitate NetSupport RAT malware delivery as part of a new attack campaign, The Hacker News reports.
