FAKE OPENAI INVITES TARGET CYBERSECURITY FIRMS
■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
Threat actors are creating fraudulent OpenAI tenants impersonating legitimate companies to trick employees into sharing sensitive data. The scheme uses fake organization invites to lure targets into submitting confidential information through chats and projects.
■ MORE FROM THE SECURITY DESK
A vulnerability called HollowByte enables unauthenticated attackers to trigger denial-of-service conditions on OpenSSL servers using a malicious payload of just 11 bytes. The flaw causes severe memory bloat on affected systems.
Federal authorities arrested 21-year-old Zyaire Wilkins, accused of publishing fake video games on Steam containing malware designed to steal cryptocurrency from thousands of users.
Federal authorities arrested a 21-year-old Florida man suspected of stealing over $220,000 in cryptocurrency through malware-infected Steam games. The scheme infected approximately 8,000 devices and compromised 80 crypto wallets between May 2024 and February 2026.
Hackers are exploiting legitimate hotel reservations from over 350 properties worldwide to launch convincing spear-phishing campaigns. The targeted attacks use genuine booking details to bypass user skepticism.