The breach occurred when threat actors gained access to customer data of about 9 million AT&T wireless accounts stored by a vendor. This exposed sensitive customer information like account numbers, phone numbers, and email addresses.

This scheme was uncovered in 2022 during "Operation Kaerb," involving global enforcement agencies. The criminals mimicked popular mobile platforms to conduct phishing attacks.

A sophisticated campaign is using GitHub repositories to spread the Lumma Stealer malware, targeting users interested in open-source projects or receiving email notifications from them.

These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution.

Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks.

Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage.

The CISA and the FBI recommended software developers to implement rigorous validation, sanitization, and input escaping to prevent malicious script injections and data manipulation.

Google is updating Chrome's post-quantum cryptography to defend against quantum computer attacks. The new encryption system, ML-KEM, replaces Kyber for enhanced security.

D-Link has addressed critical vulnerabilities in three popular WiFi 6 router models, fixing issues that could allow remote attackers to run arbitrary code or access devices with hardcoded credentials.

The campaign specifically targets Google's login page and prevents users from closing the window or using certain keyboard keys to escape. Once users enter and save their credentials to unlock the computer, the StealC malware steals the credentials.