New BrowserVenom malware spread via DeepSeek spoofing Numerous computers across Mexico, Brazil, Cuba, India, Nepal, Egypt, and South Africa have been compromised with the novel BrowserVenom malware in a phishing campaign involving the impersonation of Chinese artificial intelligence platform DeepSeek-R1, reports The Register.
Threat actors previously associated with the Black Basta ransomware gang have continued leveraging Microsoft Teams phishing alongside Python script execution in new intrusions, indicating the ongoing regrouping of the ransomware operation following a steep decline stemming from its internal chat log leak earlier this year, The Hacker News reports.
Cybernews reports that despite being confident in identifying phishing emails, 56% of workers and executives across the UK were not able to distinguish such scams from legitimate emails.
StateScoop reports that officials at the Illinois Department of Healthcare and Family Services disclosed the compromise of information from 933 individuals, 564 of which are state residents, following a February phishing attack.
Threat actors have leveraged counterfeit Cloudflare Turnstile challenges used to check 'humanness' to facilitate clandestine malware compromise as part of a new ClickFix-style campaign, SecurityWeek reports.
Almost 20 retail, education, and hospitality organizations in the Americas and Europe have been breached by the UNC6040 threat group in attacks involving a trojanized version of Salesforce's Data Loader tool since January, The Register reports.
Telegram data targeted by Fastlane-impersonating RubyGems packages BleepingComputer reports that threat actors have launched a supply chain attack involving a pair of RubyGems packages impersonating widely used Fastlane CI/CD plugins to compromise Telegram data.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
