Find notable cyber news and cases, enriched with sources, timelines, and signals.

Calendly-themed brand-impersonation phishing campaign targeting ad manager accounts

Campaign
First reported
Last updated
Happening score
H score 26
1 unique sources, 1 articles

Summary

Hide ▲

An ongoing Calendly-themed phishing campaign is impersonating major brands to steal Google Workspace and Facebook business credentials, creating takeover risk for ad and enterprise accounts.

Related Happenings

Hotel and hospitality photo-ZIP phishing campaign

Campaign
H score40 First: 26.06.2026 12:27 Last: 26.06.2026 12:27 Sources 1

About this happening: An **active phishing campaign** is targeting **hotel and hospitality organizations** across **Europe and Asia**, increasing the risk of **front-desk machine compromise** and durab...

Google Chrome DBSC rolls out session-cookie theft protection for all users

Security Tool/Service
H score10 First: 29.05.2026 15:08 Last: 29.05.2026 15:08 Sources 1

About this happening: Google's **Chrome Device Bound Session Credentials (DBSC)** is now **generally available** and rolling out to **all users**, reducing the risk of **account takeovers** from stolen...

AccountDumpling Google AppSheet Facebook phishing campaign

Campaign
H score31 First: 01.05.2026 21:09 Last: 01.05.2026 21:09 Sources 1

About this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...

OAuth device-code phishing campaign targeting SaaS accounts

Campaign
H score43 First: 04.04.2026 17:17 Last: 04.04.2026 17:17 Sources 1

About this happening: A **device code phishing** campaign now includes **EvilTokens**, a **phishing-as-a-service** kit sold on **Telegram** that uses the **OAuth 2.0 device authorization flow** to hija...

TikTok for Business phishing campaign using Turnstile and reverse proxy

Campaign
H score31 First: 26.03.2026 16:09 Last: 26.03.2026 16:09 Sources 1

About this happening: A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...

Timeline

  1. 02.12.2025 16:00 2 articles · 7mo ago

    Calendly-themed brand impersonation targets business credentials

    Initial Disclosure

    An ongoing Calendly-themed phishing campaign impersonates over 75 brands, including Unilever, Disney, MasterCard, LVMH, and Uber, to steal Google Workspace, Facebook Business, and Google MCC ad manager credentials from targeted business users.

    Show sources