This section is prepared for future source-aware coverage. The MVP uses static placeholder entries until the editorial workflow is ready.
BleepingComputer - Jun 22, 2026
WhatsApp phishing attack uses fake business docs to hack PCs
A report says an ongoing malware campaign is targeting WhatsApp users in several countries. The messages appear to use fake business documents and push VBScript files that can lead to remote access on a computer. The story warns that the attack is built around convincing people to open files that look important or work-related.
Warning signs to consider
Unexpected WhatsApp messages with document attachments or download links.
Files that look like business paperwork but use unfamiliar file types.
Pressure to open a file quickly because it seems important.
Healthtech firm Xolis suffers data breach impacting 1.4 million people
According to the provided report, healthcare technology company Xsolis said a phishing attack gave attackers access to its network and exposed sensitive data linked to nearly 1.4 million people. The item says this was a data breach tied to unauthorized access, but the full details of what was taken were not included in the snippet.
Warning signs to consider
Unexpected emails asking staff to click links, open files, or sign in again.
Reports of network access following a phishing message.
According to NPR, Cambodia is cracking down on cyber scam compounds linked to human trafficking, and thousands of workers have been freed. The report says many of those people are now stuck without housing or a clear way to return to their families, turning the crackdown into a humanitarian crisis.
Warning signs to consider
Large scam operations tied to trafficking or forced labor.
People being held in compounds with limited freedom to leave.
Freed individuals left without shelter, money, or transport home.
Webinar: How attackers bypass MFA and how defenders can respond
This webinar says some modern phishing attacks can get around multi-factor authentication (MFA) without needing to steal passwords. It mentions Device Code phishing as one method and says behavioral AI may help security teams spot compromised accounts faster.
Warning signs to consider
Messages or pages pushing users to enter device codes or sign in through unusual prompts.
Phishing that still succeeds even when MFA is turned on.
Unexpected account activity that may signal a compromised login.
LOST CRYPTO FUNDS SUCCESSFULLY RECOVERY EMAIL CAPITALCRYPTORECOVER@ZOHOMAIL. COM
A forum post on BleepingComputer describes someone saying they lost crypto in a bitcoin trading and romance-fraud-related scam, then sharing an email address that claims to recover lost crypto funds. The post suggests the person was trying to get help after losing about $78.4 USDT through an online investment platform. The wording of the post and the recovery email look like a possible scam or recovery scheme.
Warning signs to consider
Promises of recovering lost crypto funds.
A random email address used as the main contact.
Links to a romance fraud and online investment loss story.
Webinar: Why email security teams are drowning in alerts
This webinar looks at how phishing, business email compromise (BEC), and account takeover attacks can flood security teams with too many alerts. It says behavioral AI may help automate detection and response work so teams can handle alerts more easily and improve efficiency.
Warning signs to consider
Many security alerts coming in at once.
Repeated phishing, BEC, or account takeover activity.
Teams spending too much time investigating low-value alerts.
LOST CRYPTO FUNDS SUCCESSFULLY RECOVERY CONTACT Text/ Number+1 (336) 390-6684
A post on BleepingComputer’s forums advertises “successful” recovery of lost crypto funds and asks people to text a phone number for help. The description says the poster lost cryptocurrency in a romance fraud and online investment scam, which is often a sign of recovery-scam bait. The message uses urgent, promotional wording to attract people who have already lost money.
Warning signs to consider
Promises of “successful recovery” of crypto funds.
A phone number or direct text contact instead of clear, verified details.
Mention of romance fraud and investment losses used as a hook.
Freed from Cambodia's scam compounds, trafficking victims face a new crisis
NPR reports that Cambodia’s crackdown on scam compounds has led to a new problem: thousands of foreign workers who were found in or released from these centers are now stranded in Phnom Penh. The article says these people include trafficking victims and others who had been tied to scam operations, and many are now facing uncertainty about where to go next.
Warning signs to consider
Claims about scam centers often involve forced labor, trafficking, or people being moved across borders.
A crackdown can reveal a second wave of harm, such as stranded workers with nowhere to go.
Large groups of people linked to fraud operations may face unstable and confusing situations after a raid or shutdown.
