MEDIUMVulnerability
Global

Google: New UNC6783 hackers steal corporate Zendesk support tickets

·Source: BleepingComputer

Updated:

Executive Summary

A threat actor tracked as UNC6783 is compromising business process outsourcing (BPO) providers to gain access to high-value companies across multiple sectors. [...]

Analysis

A threat actor tracked as UNC6783 is compromising business process outsourcing (BPO) providers to gain access to high-value companies across multiple sectors. [...]
Source Attribution

Originally published by BleepingComputer on Apr 8, 2026.

Related Threats

CRITICALVulnerability

NVD CRITICAL: CVE-2024-58351 — Flowise before 2.1.4 allows configuration to be injected into the Chainflow duri...

Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relies on vm2 for sandboxing, an attacker can abuse it to achieve remote code execution and sandbox escape,

CVE-2024-58351
NIST NVD
CRITICALVulnerability

NVD CRITICAL: CVE-2022-50972 — WooCommerce 7.1.0 contains a remote code execution vulnerability that allows att...

WooCommerce 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter. Attackers can send requests to the class-wc-meta-box-product-images.php endpoint with unsanitized product-type values to write malicious PHP files to the web root.

CVE-2022-50972
NIST NVD
CRITICALVulnerability

NVD CRITICAL: CVE-2019-25763 — WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication ...

WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the uabb-lf-google-submit action, a valid administrator email address, and a valid nonce to obtain session cookies and a

CVE-2019-25763
NIST NVD