Attackers are expanding phishing beyond just email to channels like social media, SMS, instant messaging apps, and even search-ads to sneak around email filters. These methods are harder to detect, abuse customizable phishing kits, and can target both work and personal apps, exposing a bigger risk for organizations.
Hackers claim to have stolen data on 5.5 million Discord users, including government IDs and partial payment info, by breaching the company’s Zendesk support system. Discord disputes the scale and pledges not to pay the extortion demand.
Two 17-year-olds were arrested over a ransomware attack on a UK nursery chain after hackers stole the names, addresses, and photos of about 8,000 children.
Hackers used credentials stolen from other sites to access DraftKings accounts in a credential stuffing attack, exposing personal information like names, email addresses, and partial payment details.
A pro-Russian hacktivist group called TwoNet claimed to have breached a water treatment facility, but the target was actually a decoy (honeypot) set up by security researchers. The intrusion saw the attackers quickly move from access to disruption, disabling alarms and modifying control settings within 26 hours.
As AI tools become integral to business operations, establishing a clear AI Use Policy is essential to mitigate risks such as data breaches, intellectual property theft, and compliance violations.
.png?width=1080&height=250&name=Tech%20Tip%20Footer%20(3).png)
