Cisco Reports July 24 Data Breach from Voice Phishing; ClickFix Malware Uses Clipboard Commands to Steal Crypto via 15,000 Fake TikTok Shops

Cisco Systems disclosed a data breach resulting from a voice phishing (vishing) attack targeting one of its representatives. The company was notified of the incident on July 24, 2025. The attacker accessed basic profile information of users registered on Cisco's platform; however, no customer passwords, sensitive data, or proprietary information were compromised according to Cisco. Separately, a widespread cyber scam involving over 15,000 fake TikTok Shop domains has been identified. This AI-driven campaign uses fake CAPTCHA challenges, AI-generated videos, Meta advertisements, and trojan applications to steal login credentials and cryptocurrency from victims globally. The scam, known as the ClickFix malware campaign, operates by hijacking devices through clipboard commands without requiring downloads or file installations. Security experts have issued warnings about this ongoing threat to TikTok Shop users. Additionally, cybersecurity discussions highlight the broader risks of data blindness even in the absence of explicit breaches.