Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
NBC Chicago

Google accused of using AI to exploit data from Gmail accounts

The world’s largest email platform may be using AI to access and exploit your private data, according to a class action lawsuit. That lawsuit was filed against Google in recent days, and NBC 5 ...
Fox News

Tech-savvy thieves exploit obits, online posts to strike homes while families grieve, expert warns

Thieves targeting the homes of people whose loved ones recently died is not a new tactic, but a law enforcement expert warns it may be resurfacing as criminals increasingly exploit publicly available ...

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers steal data with a single-click.
Bleeping Computer

Convincing LinkedIn comment-reply tactic used in new phishing

Scammers are flooding LinkedIn posts this week with fake "reply" comments that appear to come from the platform itself, warning users of bogus policy violations and urging them to visit an external ...

149 million logins and passwords exposed for Gmail, Facebook, Instagram and more — everything you need to know

Millions of logins and passwords have been leaked online after a hacker's database of stolen credentials was left unsecured ...