Cybersecurity experts are warning about a widespread phishing campaign that exploits Google Calendar and other trusted tools to steal user credentials. Cybercriminals are sending spoofed invites that appear legitimate, tricking users into clicking malicious links. This campaign has reportedly targeted thousands of users, particularly in Europe, with tools like HubSpot's Free Form Builder being used to create fake DocuSign alerts. The phishing attempts are designed to bypass spam filters, making them particularly effective. In addition, vulnerabilities in various software products have been identified, including a critical flaw in BeyondTrust's Privileged Remote Access and Remote Support products, which has a CVSS score of 9.8, indicating its severity. Organizations are urged to remain vigilant and implement security measures to protect against these threats.