Rakhi Kundu
Daily Cybersecurity News November 15, 2022
As phishing campaigns continue to proliferate at an alarming rate, it is critical that internet users remain vigilant. A large-scale sophisticated phishing campaign exploiting reputable brands across several industry verticals was observed. In other news, a massive data breach occurred at a Russian mobility service, affecting millions of customers. The holiday season is quickly approaching, and so are online scams, according to the NCSC. Here are the top ten stories from the last 24 hours.
Cyjax found that a China-based threat actor named Fangxiao has built a network of 42,000 web domains that mimic over 400 popular brands to redirect users to malicious sites.
Russian scooter-sharing service Whoosh confirmed it suffered a data breach after hackers started selling a database containing promotion codes, partial user IDs, and payment details of 7.2 million customers.
Team Montesano hackers infiltrated HaveIBeenPwned by abusing an unknown bug and are now threatening to leak the data to the highest bidder if a ransom of $2,500 isn’t paid.
The NSA issued guidance to help organizations implement proper protections against common software memory safety issues. The agency suggests using memory-safe languages.
The Chinese state-sponsored Lotus Blossom APT group breached a digital certificate authority as well as government and defense agencies across the world, in a campaign ongoing since at least March.
The NCSC-U.K. stated that online shoppers lost around $18 million to scammers between November 2021 and January 2022. Around 45% of victims were in the 19–25 age group.
The Lazarus APT group has been found using the DTrack backdoor to target education, IT, chemical manufacturing, telecoms, utility, and government industries in Latin America and Europe.
Suffolk police inadvertently leaked on its website the names, addresses, and dates of birth of individuals, along with the alleged sexual offenses committed against them.
Cyble spotted threat actors running a phishing campaign targeting Bank Rakyat Indonesia. The attackers automatically fetch OTPs from a compromised device using the SMS Stealer Android malware.
VirusTotal reported 1,700 URLs and 400 government-related domains in over 50 territories propagating malware, including ransomware, trojans, and coin miners, among others.