phishing

Your Data This Week: Starbucks Employee Breach, Loblaw Customer Data, Steam Malware, and How to Respond to Each

John Z Black Mar 14, 2026

Consumer Security #starbucks #loblaw #steam #data-breach #malware #phishing #consumer #fbi #gaming

Three breaches hit this week through platforms people already trust. Starbucks employee data, Loblaw customer accounts, and FBI-flagged malware hiding in Steam games.

INTERPOL Just Sinkholed 45,000 Criminal IPs and Arrested 94 People Across 72 Countries

John Z Black Mar 14, 2026

Law Enforcement #interpol #operation-synergia #sinkhole #cybercrime #ransomware #phishing #law-enforcement #takedown

Operation Synergia III was one of the biggest cybercrime infrastructure takedowns ever. 45,000 malicious IPs redirected, 94 arrests, 72 countries involved. Here's what that actually means.

Your MFA and Your ZIP Scanner Both Have Blind Spots Attackers Are Already Using

John Z Black Mar 12, 2026

Security Controls #mfa #phishing #aitm #starkiller #zombie-zip #fido2 #passkeys #security-controls #defense

Adversary-in-the-Middle phishing beats standard MFA in real time. Zombie ZIP tricks archive scanners into waving malware through. Two trusted security controls, two systematic bypasses already in the wild.

BlackSanta Kills Your EDR Before You Even Know You're Hit — and It's Coming Through HR

John Z Black Mar 11, 2026

Malware #malware #edr #endpoint-security #phishing #hr-security #blacksanta

New malware called BlackSanta disables your endpoint detection, and it's getting in through HR inboxes. That combo is nastier than it sounds.

ClickFix Is the Social Engineering Trick That Took Over 2026

John Z Black Mar 10, 2026

Threat Intelligence #clickfix #social-engineering #ransomware #teams #phishing #a0backdoor #castlerat #chrome-extensions

A dead-simple social engineering trick is showing up everywhere in 2026. Users paste a command into PowerShell or a Run dialog and boom, malware runs. Three separate campaigns hit this week alone.