From Dark Reading
-
Dropbox Breach Exposes Customer Credentials, Authentication Data
Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.
-
Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam
CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent into handing over their high-value credentials.