This Week in Scams: DoorDash Breach and Fake Flight Cancellation Texts

Leading off our news on scams this week, a heads-up for DoorDash users, merchants, and Dashers too. A data breach of an undisclosed size may have impacted you.

Per an email sent by the company to “affected DoorDash users where required,” a third party gained access to data that may have included a mix of the following:

• First and last name
• Physical address
• Phone number
• Email address

You might have got the email too. And even if you didn’t, anyone who’s used DoorDash should take note.

As to the potential scope of the breach, DoorDash made no comment in its email or a post on their help site. Of note, though, is that one of the help lines cited in their post mentions a French-language number—implying that the breach might affect Canadian users as well. Any reach beyond the U.S. and Canada remains unclear.

Per the company’s Q2 financial report this year, “hundreds of thousands of merchants, tens of millions of consumers, and millions of Dashers across over 30 countries every month.” Stats published elsewhere put the user base at more than 40 million people, which includes some 600,000 merchants.

The company underscored that no “sensitive” info like Social Security Numbers (and potentially Canadian Social Insurance Numbers) were involved in the breach. This marks the third notable breach by the well-known delivery service, with incidents in 2019 and 2022

What to do if you think you got caught up in the DoorDash breach

While the types of info involved here appear to be limited, any time there’s a breach, we suggest the following:

Protect your credit and identity. Checking your credit and getting identity theft protection can help keep you safer in the aftermath of a breach. Further, a security freeze can help prevent identity theft if you spot any unusual activity. You can get all three in place with our McAfee+ Advanced or Ultimate plans.

Keep an eye out for phishing attacks. With some personal info in hand, bad actors might seek out more. They might follow up a breach with rounds of phishing attacks that direct you to bogus sites designed to steal your personal info. As with any text or email you get from a company, make sure it’s legitimate before clicking or tapping on any links. Instead, go straight to the appropriate website or contact them by phone directly. Also, protections like our Scam Detector and Web Protection can alert you to scams and sketchy links before they take you somewhere you don’t want to go.

Update your passwords and use two-factor authentication. Changing your password is a strong preventive measure. Strong and unique passwords are best, which means never reusing your passwords across different sites and platforms. Using a password manager helps you stay on top of it all while also storing your passwords securely.

Attention travelers: Now boarding, a rise in flight cancellation scams

Even as the FAA lifted recent flight restrictions on Monday morning, scammers are still taking advantage of lingering uncertainty, and upcoming holiday travel, with a spate of flight cancellation scams.

How the scam works

Fake cancellation texts

The first comes via a text message saying that your flight has been cancelled and you must call or rebook quickly to avoid losing your seat—usually in 30 minutes. It’s a typical scammer trick, where they hook you with a combination of bad news and urgency. Of course, the phone number and the site don’t connect you with your airline. They connect you to a scammer, who walks away with your money and your card info to potentially rip you off again.

Fake airline sites in search results

The second uses paid search results. We’ve talked about this trick in our blogs before. Because paid search results appear ahead of organic results, scammers spin up bogus sites that mirror legitimate ones and promote them in paid search. In this way, they can look like a certain well-known airline and appear in search before the real airline’s listing. With that, people often mistakenly click the first link they see. From there, the scam plays out just as above as the scammer comes away with your money and card info.

How to avoid flight cancellation scams

Q: How can I confirm whether my flight is really canceled?
A: Check directly in your airline’s official app or website. Never click links in texts or emails.

Q: How can I spot a fake airline search result?
A: Look for “Ad”/“Sponsored,” confirm the URL, and check that the site uses HTTPS, not HTTP.

Q: Is there a tool that flags fake booking sites?
A: Scam-spotting tools like Scam Detector and Web Protection can identify sketchy links before you click.

In search, first isn’t always best.

Look closely to see if your top results are tagged with “Sponsored” or “Ad” in some way, realizing it might be in fine print. Further, look at the web address. Does it start with “https” (the “s” means secure), because many scam sites simply use an unsecured “http” site. Also, does the link look right? For example, if you’re searching for “Generic Airlines,” is the link the expected “genericairlines dot-com” or something else? Scammers often try to spoof it in some way by adding to the name or by creating a subdomain like this: “genericairlines.rebookyourflight dot-com.”

Get a scam detector to spot bogus links for you.

Even with these tips and tools, spotting bogus links with the naked eye can get tricky. Some look “close enough” to a legitimate link that you might overlook it. Yet a combination of features in our McAfee+ plans can help do that work for you.  Our Scam Detector helps you stay safer with advanced scam detection technology built to spot and stop scams across text messages, emails, and videos. Likewise, our Web Protection will alert you if a link might take you to a sketchy site. It’ll also block those sites if you accidentally tap or click on a bad link.

Scammers Hijack a Trusted Mass Texting Provider

You’ve probably seen plenty of messages sent by short code numbers. They’re the five- or six-digit codes used to send texts instead of by a phone number. For example, your cable company might use one to send a text for resetting a streaming password, the same goes for your pharmacy to let you know a prescription is ready or your state’s DoT to issue a winter travel alert, and so on.

According to NBC News, scammers sent hundreds of thousands of texts using codes used by the state of New York, a charity, and a political organizing group. The article also cites an email sent to messaging providers by the U.S. Short Code Registry, an industry nonprofit that maintains those codes in the U.S. In the email, the registry said attempted attacks on messaging providers are on the rise.

What this means for the rest of us is that just about any text from an unknown number, and now short codes, might contain malicious links and content. It’s one more reason to arm yourself with the one-two punch of our Scam Detector and Web Protection.

What are short codes?
Short codes are 5–6 digit numbers used by pharmacies, utilities, banks, and government agencies to send official alerts.

Why this attack is unusual
Scammers didn’t spoof short codes—they gained access to real ones used by:

• The State of New York
• A charity
• A political organizing group

Why this matters
Even texts from legitimate short-code numbers can no longer be trusted at face value.

What to do now

• Treat any unexpected text—even from a short code—as suspicious.
• Don’t tap links.
• Verify by going directly to the official website or app.

Quick Scam Roundup

Consumers warned over AI chatbots giving inaccurate financial advice 

• Our advice: Always verify recommendations with trusted financial sources

Why our own clicks are often cybercrime’s greatest allies

• Our advice: Many attacks rely on rushed or emotional decisions, slow down before clicking

TikTok malware scam uses fake software activation guides to steal data

• Our advice: Download software only from official sources

 

We’ll be back after the Thanksgiving weekend with more updates, scam news, and ways to stay cyber safe.

The post This Week in Scams: DoorDash Breach and Fake Flight Cancellation Texts appeared first on McAfee Blog.

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the Russian information technology (IT) sector between 2024 and 2025 while staying undetected for extended periods of time. "In the period from 2024 to 2025, the Russian IT sector, especially companies working as contractors and integrators of solutions for government agencies,

US Border Patrol Is Spying on Millions of American Drivers

Plus: The SEC lets SolarWinds off the hook, Microsoft stops a historic DDoS attack, and FBI documents reveal the agency spied on an immigration activist Signal group in New York City.

This do-it-all cable is a must-have travel item (and it's under $15 right now)

The Statik PowerPivot Pro features a 180-degree swivel mechanism and a pull-out Type-A port, making it a 2-in-1 wire.

The GE Opal nugget ice maker makes the good ice, and it's $160 off for Black Friday

Whether you call it the good ice, Sonic ice, or soft ice, you can now have it from the comfort of your kitchen.

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems," Blackfog researcher Brenda Robb said in a Thursday report. In

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated

Best early Black Friday phone deals 2025: I found 15 offers on iPhones, Pixel, Samsung, more

Black Friday sales are in full effect, with my favorite deal being the Google Pixel 10 for just $599, a $200 discount on an already-fantastic offering.

These 3 PS5 bundles are way too good to wait until Black Friday

With Black Friday just a week away, PlayStation 5 deals are rolling out, and I've compiled the top three offers to help shoppers get started.

I replaced my dual monitors with these XR smartglasses - now on sale for Black Friday

Xreal's One Pro smartglasses simulate a 171-inch spatial screen with 57-degree field of view at a 120Hz refresh.

I found the best early Black Friday streaming service and device deals

Black Friday is days away, but we've already found great streaming deals, including over 50% off Apple TV.

26 hidden Roku tips and tricks you'll wish you knew years ago

You're not using your Roku to its full potential. These secret menus, shortcuts, settings, and hacks will fix that.

Best early Black Friday PlayStation deals 2025: 20 sales out now

Black Friday is less than a week away, but you can already find great PlayStation deals now from Amazon, Target, Walmart, and others. I've collected some of the best.

Best early Black Friday laptop deals 2025: 20+ sales live now

Black Friday is less than a week away, but the big sales are kicking off now. Here are the best laptop deals we've found so far, including the new MacBook Air M4 for 25% off.

Best early Black Friday gaming PC deals 2025: My favorite sales right now

Black Friday is one week away, but you can get a jump on your holiday shopping list with great deals on gaming desktop PCs, monitors, SSDs, and more.

How Microsoft's new security agents help businesses stay a step ahead of AI-enabled hackers

Copilot customers will find the agents embedded in their relevant security and management dashboards.

ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago

Shiny talks to The Reg

EXCLUSIVE ShinyHunters has claimed responsibility for the Gainsight breach that allowed the data thieves to snarf data from hundreds more Salesforce customers.…

The best products we tested in 2025: ZDNET's picks for phones, laptops, TVs, and more

After a year of testing the best hardware and software products that brands have to offer, here's our list of 2025 winners.

Best early Black Friday iPad deals 2025: 16 sales out already

Looking to find a deal on an iPad this holiday season? There are early Black Friday deals on the iPad Pro, iPad Air, and more before the biggest shopping weekend at the end of the month.

Best early Black Friday Apple deals 2025: 45+ sales out now

Black Friday is only a week away and this is the ideal time to take advantage of discounts on Apple devices. My favorite deals include discounts on MacBooks, iPads, earbuds, and more.

Best early Black Friday Nintendo Switch deals 2025: 15+ sales out early

Black Friday is a week away, but you can find great Nintendo Switch and Switch 2 deals now. I've collected the best from Walmart, Best Buy, and more.

Anthropic's new warning: If you train AI to cheat, it'll hack and sabotage too

Models trained to cheat at coding tasks developed a propensity to plan and carry out malicious activities, such as hacking a customer database.

Google's AI is now snooping on your emails - here's how to opt out

A new change quietly rolling out allows Google to access your private messages and attachments to train its AI models - likely without your knowledge. Opting out takes just moments.

You can finally get built-in vertical tabs in Chrome - here's how and why they're better

Rejoice, browser fans, vertical tabs are officially here for Chrome.

My favorite color e-reader is on sale for its lowest price ever, and it's not made by Kobo or Boox

Amazon's Kindle Colorsoft brings a smooth color display to your favorite books, and it's $80 off as an early Black Friday deal.

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain Identity Management (SCIM) component that allows automated user provisioning and management. First

I finally tried GrapheneOS on my Pixel, and it's the secure Android alternative I've been waiting for

My only regret is not installing it sooner.

Four charged over alleged plot to smuggle Nvidia AI chips into China

Prosecutors say front companies, falsified paperwork, and overseas drop points used to dodge US export rules

Four people have been charged in the US with plotting to funnel restricted Nvidia AI chips into China, allegedly relying on shell firms, fake invoices, and covert routing to slip cutting-edge GPUs past American export controls.…

Sliver C2 vulnerability enables attack on C2 operators through insecure Wireguard network

submitted by /u/catmandx
[link] [comments]

Russia-linked crooks bought a bank for Christmas to launder cyber loot

UK cops trace street-level crime to sanctions-busting networks tied to Moscow's war economy

On Christmas Day 2024, a Russian-linked laundering network bought itself a very special present: a controlling stake in a Kyrgyzstan bank, later used to wash cybercrime profits and funnel money into Moscow's war machine, according to the UK's National Crime Agency (NCA).…

Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security

In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple's equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices. The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad, and macOS devices, with plans to expand

This Hacker Conference Installed a Literal Anti-Virus Monitoring System

At New Zealand's Kawaiicon cybersecurity convention, organizers hacked together a way for attendees to track CO2 levels throughout the venue—even before they arrived.

Why IT Admins Choose Samsung for Mobile Security

Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams productive. That’s why more enterprises are turning to Samsung for mobile security. Hey—you're busy, so here's a quick-read article on what

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign. "While earlier operations relied on broad strategic web compromises to compromise legitimate websites, APT24 has recently pivoted to using more sophisticated vectors targeting

These 7 Amazon Black Friday deals are so good, I'd buy them twice (and they're under $25)

I'd buy these gadgets any time of year, but they just got cheaper during Amazon's Black Friday sale.

The best Mini ITX PC cases of 2025: Expert recommended

PCs are no longer big, bulky boxes and can now be both small and stylish. We've rounded up the best mini ITX PC cases that are compact yet powerful.

10 most popular gadgets this year, according to thousands of readers (including surprise picks)

I'm always testing new gadgets that can help you around the house or at the office. These are the most popular ones ZDNET readers have bought this year so far.

ZTE Launches ZXCSec MAF security solution for large model

A multi-layered security framework protecting large-model applications from adversarial threats, data leakage, API abuse, and content risks

Partner Content At MWC Shanghai 2025, ZTE has officially launched its ZXCSec MAF product, a dedicated application-layer security protection device specifically designed for large model services.…

I'm a shopping editor, and these are the 9 wellness gadgets I'm buying for Black Friday

I cover tech deals all year round, but these are the beauty and wellness deals I'll be shopping this Black Friday.

How to AirDrop on Android to iPhone (and which models support the file-sharing feature)

Google has found a way for Quick Share to play nicely with AirDrop, paving the way for the new sharing method. Here's the breakdown.

Not enough people are talking about my new favorite work laptop (and it's not a ThinkPad)

Asus' ExpertBook P3 powers through demanding workloads thanks to its AMD processor, ample RAM, and efficient thermal cooling.

SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny

The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to the 2020 supply chain attack. In a joint motion filed November 20, 2025, the SEC, along with SolarWinds and its CISO Timothy G. Brown, asked the court to voluntarily

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

Salesforce has warned of detected "unusual activity" related to Gainsight-published applications connected to the platform. "Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app's connection," the company said in an advisory. The cloud services firm said it has taken the step of revoking all active access and refresh

Google links Android’s Quick Share to Apple’s AirDrop, without Cupertino’s help

Relies on very loose permissions, but don’t worry – Google wrote it in Rust

Google has linked Android’s wireless peer-to-peer file sharing tool Quick Share to Apple’s equivalent AirDrop.…

This ghost tapping scam can steal money from your mobile wallet or card - how to block it

Scammers or fake vendors can exploit tap-to-pay and NFC transactions to steal money from your credit card or mobile wallet. Here's what you need to know to stop them.

Why the mirrorless camera I recommend to most beginners isn't a Canon or Sony

The Nikon Z5 II is an excellent camera for aspiring photographers to transition into the professional photography realm.

How AI can magnify your tech debt - and 4 ways to avoid that trap

A new study finds 43% of IT managers fear AI will create new technical debt - even as 84% expect cost cuts from AI adoption. Here's how to avoid the tech debt trap.

The OSINT playbook: Find your weak spots before attackers do

Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots

Esbuild XSS Bug That Survived 5B Downloads and Bypassed HTML Sanitization

submitted by /u/va_start
[link] [comments]

SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere

Company 'clearly delighted' with the outcome

The US Securities and Exchange Commission (SEC) has abandoned the lawsuit it pursued against SolarWinds and its chief infosec officer for misleading investors about security practices that led to the 2020 SUNBURST attack.…

4 People Indicted in Alleged Conspiracy to Smuggle Supercomputers and Nvidia Chips to China

A federal prosecutor alleged that one defendant boasted that his father “had engaged in similar business for the Chinese Communist Party.”

Can a Linux laptop really replace my MacBook? This one is surprisingly close

Tuxedo Computers' Infinity Book Pro 14 is a sleek laptop with Linux preinstalled. But its performance is backed up by some smart design choices.

Black Friday TV deals are live now with massive sales: Here are our 40+ top picks

Black Friday is less than a week away, and I'm already tracking great deals on TVs and home theater equipment from Samsung, Sony, and more live.

I tested the Kindle Scribe 2 for months, and it beat my ReMarkable in several ways

Amazon's Kindle Scribe earned our Editor's Choice award for its excellent note-taking features and ease of use. Right now, it's cheaper than ever.

Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it

They keep coming back for more

Salesforce has disclosed another third-party breach in which criminals - likely ShinyHunters (again) - may have accessed hundreds of its customers' data.…

Google's Nano Banana image generator goes Pro - how it beats the original

The original Nano Banana generator went viral, and this one is even better. See what changed - and how to try it for free.

Unquoted Paths: The Decades-Old Windows Flaw Still Enabling Hidden Code Execution

submitted by /u/runtimesec
[link] [comments]

Bose's headphones are the best for traveling - why I choose them over Sony and Apple

The Bose QuietComfort Ultra 2 headphones are a frequent flyer's best friend, thanks to their warm sound profile, comfortable design, and intuitive power feature.

Amazon is selling the Roku 4K Streaming Stick Plus for $19, and I wouldn't think twice about it

I've used the Roku Streaming Stick Plus for months, and it's a downright steal with this $19 Black Friday deal.

LLM-generated malware is improving, but don't expect autonomous attacks tomorrow

Researchers tried to get ChatGPT to do evil, but it didn't do a good job

LLMs are getting better at writing malware - but they're still not ready for prime time.…