According to The Clorox Company, which makes everything from lip balm to cat litter to charcoal to bleach, this is exactly what happened to it in 2023. But Clorox says that the “debilitating” breach was not its fault. It had outsourced the “service desk” part of its IT security operations to the massive services company Cognizant—and Clorox says that Cognizant failed to follow even the most basic agreed-upon procedures for running the service desk.
Category: Cyber Crime
Microsoft says China-backed cybercriminals hacked into US nuclear weapons agency
“The early exploitation resembled government-sponsored activity, and then spread more widely to include hacking that ‘looks like China’,” Meyers told Bloomberg News. CrowdStrike’s investigation into the campaign remains ongoing.
Florida woman tricked into forking over $15k by AI cloning her daughter’s voice: ‘I know my daughter’s cry’
The phone number didn’t match Monroe’s, and the voice claimed that the police had taken her personal cellphone after the accident. But the AI-generated sound was so similar to her daughter’s voice — even her sobs — that Brightwell was completely convinced the call was real.
Hackers are hiding powerful info-stealing malware in fake free VPNs downloaded from GitHub, don’t get tricked | TechRadar
Once executed, the dropper uses a multi-stage attack chain involving obfuscation, dynamic DLL loading, memory injection, and abuse of legitimate Windows tools like MSBuild.exe and aspnet_regiis.exe to maintain stealth and persistence.
Eavesdropping on MEMS Microphones With a Radio – Hackster.io
No modifications to the hardware or software are required — any phone, computer, or other device with this type of microphone is vulnerable right out of the box. And you may not even need to explicitly enable the microphone because certain commonly used apps, such as Spotify, YouTube, Amazon Music, and Google Drive, already turn it on under certain conditions.
1.7 billion passwords leaked on dark web and why yours is at risk | Fox News
A new report shows just how out of control the problem has become, with infostealer activity jumping 500% in just one year, harvesting more than 1.7 billion fresh credentials.
CoGUI phishing platform sent 580 million emails to steal credentials
A new phishing kit named ‘CoGUI’ sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data.
FBI shares massive list of 42,000 LabHost phishing domains
Although the LabHost operation is no longer active and the shared 42,000 domains are not likely currently used in malicious operations, there’s still significant value for cybersecurity firms and defenders.
FBI: US lost record $16.6 billion to cybercrime in 2024
The most impacted group is older Americans, especially people over 60, who filed 147,127 complaints linked to approximately $4.8 billion in losses.