• Student Loan Breach Exposes 2.5M Records »
  2.5 million people were affected, in a breach that could spell more trouble down the line.
• Watering Hole Attacks Push ScanBox Keylogger »
  Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms »
  Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
• Ransomware Attacks are on the Rise »
  Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras »
  Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
• Twitter Whistleblower Complaint: The TL;DR Version »
  Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
• Firewall Bug Under Active Attack Triggers CISA Warning »
  CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
• Fake Reservation Links Prey on Weary Travelers »
  Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
• iPhone Users Urged to Update to Patch 2 Zero-Days »
  Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
• Google Patches Chrome’s Fifth Zero-Day of the Year »
  An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.