Scattered Spider hackers have been targeting VMware ESXi hypervisors in U.S. companies across various sectors through sophisticated social engineering techniques, rather than exploiting software vulnerabilities. Their attack methodology enables them to gain significant control over virtualized environments, leading to data exfiltration and ransomware deployment. Google Threat Intelligence Group has outlined protective measures organizations can take to defend against these attacks.

Russian hackers have successfully bypassed Gmail's multi-factor authentication by employing sophisticated social engineering tactics to obtain app-specific passwords from targeted academics and critics of Russia. The attackers impersonated U.S. Department of State officials, convincing victims to share their passwords under the pretense of accessing a secure communication platform. Security researchers have linked these activities to the state-sponsored group APT29, known for attacking high-profile targets since 2008.