Aggregator

Education publishing giant McGraw-Hill has confirmed a data breach following an extortion attempt, with more than 100GB of stolen data now publicly distributed online, exposing the personal information of approximately 13.5 million users. The breach, disclosed in April 2026, stems from a misconfiguration in McGraw-Hill’s Salesforce environment. According to the company, the incident exposed “a […]

The post McGraw Hill Confirms Data Breach Exposing 13.5 Million Users’ Personal Data appeared first on Cyber Security News.

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

ANY.RUN has observed a sustained surge in a credential-phishing campaign active since 2024. This campaign, dubbed BlobPhish, introduces a sneaky twist: instead of delivering phishing pages via traditional HTTP requests, it generates them directly inside the victim’s browser using blob objects. The result is a phishing payload that lives entirely in memory, leaving little to no trace in logs, caches, […]

The post BlobPhish: The Phantom Phishing Campaign Hiding in Browser Memory appeared first on ANY.RUN's Cybersecurity Blog.

A newly identified information-stealing malware called NWHStealer is quietly making its way onto Windows systems through a well-disguised campaign that uses fake VPN websites, gaming mods, and hardware utility tools as bait. The attackers are not relying on spam emails or obvious phishing tricks. Instead, they are placing malware inside files that people actively search […]

The post Fake Proton VPN Sites and Gaming Mods Spread NWHStealer in New Windows Malware Campaign appeared first on Cyber Security News.