In March 2026, Hallmark suffered an alleged breach and subsequent extortion after attackers gained access to data stored within Salesforce. The data was later published after the extortion deadline passed, exposing 1.7M unique email addresses across both Hallmark and the Hallmark+ streaming service, along with names, phone numbers, physical addresses and support tickets.

The vulnerability is tracked as CVE-2026-34621 and Adobe has confirmed that it can be exploited for arbitrary code execution.

The post Adobe Patches Reader Zero-Day Exploited for Months appeared first on SecurityWeek.

Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing trusted Meta infrastructure, attackers make their messages appear authentic while quietly funneling victims to credential‑stealing pages. Because Meta systems generate these invites, the emails come from real Meta domains such as facebookmail.com and pass […]

The post Meta Business Alerts Abused for Phishing Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in the wild. The workflow is consistent across groups: an attacker gains high privileges, deploys an EDR killer to disrupt security software, then runs the encryptor. Affiliates prefer this approach because it gives them a brief, … More →

The post EDR killers are now standard equipment in ransomware attacks appeared first on Help Net Security.

Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become ingrained in military conflict.

The post Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long appeared first on SecurityWeek.

Cybercriminals are constantly looking for ways to bypass email security filters, and their latest method involves using legitimate platforms against their own users.

A newly discovered phishing campaign is abusing real Meta Business Manager partner request notifications to trick business owners and page administrators.

Because these emails are sent directly from Meta’s official, trusted infrastructure, they easily slip past traditional spam filters and land in the victim’s primary inbox.

The Mechanics Of The Attack

The core of this attack relies on a feature within Meta Business Manager that allows businesses to send partner requests to other accounts.

Threat actors are exploiting this legitimate tool by manipulating their own account names.

Instead of using a normal business name, the attackers change their account name to display a deceptive message, such as a warning about page suspension or copyright violations.

They also embed malicious phishing links directly into these fake account names or request details.

When the target receives the partner request email, it looks highly authentic because it actually originates from Facebook’s real servers.

Security researchers at MailMarshal recently detected this sophisticated campaign in the wild. If a user clicks the embedded link in the notification, they are not taken to a real Facebook page.

Instead, they are redirected to carefully crafted fake Facebook Help landing pages designed to look exactly like the real Meta support center.

Indicators Of Compromise and Protection

Recognizing the infrastructure used by these attackers is crucial for blocking the threat and protecting corporate assets.

Cybersecurity teams and network administrators should update their blocklists to prevent users from accessing the malicious domains associated with this campaign.

The identified Indicators of Compromise (IOCs) include several deceptive URLs designed to mimic official support channels.

Known malicious domains to block:

• aisupportpage[.]online
• helpforpage[.]online
• pagereport[.]online
• pagereview[.]online
• pagesactnow[.]help
• pageshub[.]click

According to Spider Labs research, to protect your organization from this type of abuse, users must remain highly skeptical of urgent notifications, even if they come from a trusted sender like Meta.

Always log in directly to your Meta Business Manager account in your web browser to check for alerts, rather than clicking on links in an email. Review any partner requests carefully and deny those from unknown or suspicious sources.

Furthermore, ensure that your team is trained to spot fake login pages by always verifying the URL in the browser’s address bar.

Implementing hardware-based security keys for two-factor authentication can also stop attackers from accessing your account, even if they manage to steal your password through a fake portal.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.

The post Attackers Weaponize Real Meta Business Manager Notifications In New Phishing Campaign appeared first on Cyber Security News.