#targeted-phishing

[ follow ]
#e-commerce-breach #third-party-risk #customer-order-data #coldriver #clickfix #baitswitch #simplefix
fromCointelegraph
1 week ago

How a Third-Party Leak Fueled Phishing Against Ledger Users

In early January 2026, some Ledger customers were notified that personal and order information related to Ledger.com purchases had been accessed during a security incident involving Global-e, a third-party e-commerce partner that acts as the "merchant of record" for certain orders. Ledger stressed that its own hardware and software systems were not breached. However, the exposed purchase data was enough to spark a familiar second act: highly targeted phishing attempts that appear legitimate because they reference real-world details.
Information security
fromTechzine Global
3 months ago

Russia-linked COLDRIVER adopts ClickFix technique

COLDRIVER added ClickFix using BAITSWITCH downloader and SIMPLEFIX PowerShell backdoor with server-side selective delivery to target strategically important individuals.
[ Load more ]