Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Pretexting is a fictional story threat actors use to trick you into giving them access to sensitive information. It is a popular scam that can happen online or in person, and it uses common phishing techniques to help threat actors achieve success in their pretexting scam. In this article, we cover: what is pretexting, how it works, examples of pretexting, and how to prevent it by subscribing to Internxt Drive and by increasing your cyberawareness online. Ready to learn more? Then keep reading!

A constantly shifting threat landscape has given rise to a new cyberattack vector, driven by two powerful forces: the rapid migration of data to the cloud and the fundamental change in how employees access and interact with that data. Today’s workforce expects the freedom to work and access information from any device—especially mobile devices, which have become integral to their professional and personal lives.

A supply chain attack does not start with your firewall. It starts with someone else’s. Instead of targeting your company directly, a cyber attacker looks for weak spots in your organization’s supply chain. That could be a trusted third-party vendor, a widely used software supplier, or even an outdated package from an open-source code repository. Once they find an opening, they exploit security vulnerabilities to gain access to your systems without ever going through the front door.

Subdomain takeovers are a growing threat in today’s cloud-first ecosystem. As organizations rely on third-party services, continuously launch digital assets, and manage sprawling DNS configurations, they often leave behind vulnerable subdomains ripe for exploitation. In this article, we explore subdomain takeovers, why they pose such a serious risk, and most importantly, how to prevent them before threat actors strike.

In April and May 2025, several prominent UK retailers including Marks & Spencer (M&S), Co-op, and Harrods experienced significant cyberattacks. At the time of writing we have not had confirmation of these attacks but consider them to be a Ransomware attack. These incidents are disrupting services, compromising customer data, and highlight vulnerabilities in retail cybersecurity. This guide aims to help you as a consumer take the steps you can take to protect yourself.

On 5 May, 16:00 GMT+0, our automated malware analysis pipeline detected a suspicious package released, rand-user-agent@1.0.110. It detected unusual code in the package, and it wasn’t wrong. It detected signs of a supply chain attack against this legitimate package, which has about ~45.000 weekly downloads.

In April 2025, Marks & Spencer, the Co-op Group, and Harrods were all targeted by cyber-attacks that caused disruption across their services. Although attribution is still being confirmed, indicators strongly link these attacks to Scattered Spider, a group known for aggressive, human-centric tactics and high-profile breaches. This post is not an incident breakdown for each retailer.