Originally reported by Hackread
TL;DR
The LAPSUS$ ransomware group claims to have breached pharmaceutical giant AstraZeneca, allegedly offering source code, credentials, and employee data for sale. Separately, Sublime Security researchers have identified a new phishing campaign using realistic JavaScript-based Zoom meeting invites to distribute malware on Windows systems.
LAPSUS$ claiming a major pharmaceutical company breach with alleged source code and credentials represents a high-impact incident. Combined with an active phishing campaign using realistic Zoom invites, this presents immediate threats to enterprise environments.
Three significant security developments emerged today, highlighting ongoing threats from established ransomware groups and evolving social engineering tactics targeting enterprise environments.
The LAPSUS$ ransomware group has claimed responsibility for allegedly breaching AstraZeneca, the multinational pharmaceutical company. According to the group's claims, they have obtained and are offering for sale source code, credentials, and employee data.
LAPSUS$ has provided what they claim are leaked samples as proof of the alleged breach. The group has previously targeted major corporations including Microsoft, Nvidia, and Okta, making this claim consistent with their historical targeting patterns.
AstraZeneca has not yet publicly confirmed or denied the breach claims. The pharmaceutical sector remains a high-value target for ransomware groups due to the sensitive nature of research data and the potential for significant operational disruption.
Sublime Security researchers have discovered a new malware distribution campaign leveraging realistic, interactive JavaScript-based Zoom meeting invitations. The attack chain operates by:
The campaign represents an evolution in social engineering tactics, exploiting the widespread adoption of video conferencing platforms in enterprise environments. The interactive nature of the fake invites significantly increases their potential effectiveness compared to traditional static phishing emails.
Security practitioners are increasingly recognizing image format conversion as a practical web security concern. While WebP format offers performance benefits, compatibility issues are driving organizations toward PNG conversion workflows.
Key considerations include:
Organizations implementing image processing workflows should evaluate conversion tools for security vulnerabilities and ensure proper input validation.