Imperva has disclosed a security breach (dating back to 2017) of their Cloud Web Application Firewall (WAF). The product analyzes requests coming into applications, and flags or blocks suspicious and malicious activity. The attack exposed users’ emails, hashed and salted passwords, as well as API keys and SSL certificates. As the first remedy Imperva has implemented password resets and 90-day password expiration for the affected product.
Worth millions cryptojacking botnet was neutralized by French authorities, who took over its Command & Control server thanks to the flaw in the malware's design.
Phishing emails usually claim that there's a problem with your account or that a false purchase has been made. That's why instead of clicking on links from such emails, it's better to access your account through website and make sure there that everything is in order.