The Iranian APT group known as Charming Kitten has been using a new tool called HYPERSCRAPE to steal the contents of Gmail, Yahoo, and Outlook 365 inboxes.
Apple and Google have released fixes for iOS and macOS, and Chrome, respectively, to address bugs that have been exploited in the wild.
Google has fixed a high-severity bug in Chrome for which an exploit exists in the wild.
Hack-for-hire firms are targeting a range of accounts from Google and major webmail providers in credential theft campaigns.
At least half of the zero days exploited in the wild in 2022 are variants of previously fixed bugs, Google data shows.