---
title: "Critical VPN Exploitation, WhatsApp Phishing Dispute, Instagram Accounts Hijacked | DMARC Report"
description: "Cybersecurity roundup: Check Point VPN exploits, Meta-NSO clash, Instagram account hijacks, Dashlane breach, Cisco flaws, and rising cyber threats."
image: "https://dmarcreport.com/og/blog/critical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked.png"
canonical: "https://dmarcreport.com/blog/critical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked/"
---

Quick Answer

The biggest cybersecurity stories this week include a critical Check Point VPN zero-day exploited by ransomware actors, WhatsApp phishing attacks linked to NSO Group, Instagram account hijacks via Meta's AI chatbot, and rising threats from infostealers, AI scams, and phishing campaigns.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcritical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Critical%20VPN%20Exploitation%2C%20WhatsApp%20Phishing%20Dispute%2C%20Instagram%20Accounts%20Hijacked&url=undefined%2Fblog%2Fcritical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcritical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcritical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked%2F&title=Critical%20VPN%20Exploitation%2C%20WhatsApp%20Phishing%20Dispute%2C%20Instagram%20Accounts%20Hijacked "Share on Reddit") [ ](mailto:?subject=Critical%20VPN%20Exploitation%2C%20WhatsApp%20Phishing%20Dispute%2C%20Instagram%20Accounts%20Hijacked&body=Check out this article: undefined%2Fblog%2Fcritical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/dmarcreport/gmail-dmarc-3978-1781092981136.jpg) 

Here’s your weekly roundup of the most significant [cybersecurity](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) developments from the past seven days. From a critical VPN flaw being weaponized by ransomware gangs to a rogue AI chatbot handing Instagram accounts to hackers, this week was packed with high-impact incidents and urgent warnings.

## Critical Check Point VPN Zero-Day Exploited by Qilin Ransomware Gang

Check Point published a security advisory on June 8 for **CVE-2026-50751**, a critical authentication bypass vulnerability with a [CVSS](https://www.ibm.com/think/topics/cvss) score of 9.3 that affects Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated [IKEv1 key exchange protocol](https://netbird.io/knowledge-hub/understanding-the-ikev1-protocol-in-ipsec). The attacks began on May 7, surged in early June, and have affected “a few dozen” organizations worldwide, with at least one incident linked to the [Qilin ransomware operation](https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/).

[Check Point](https://www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/) estimates that the [threat actor](https://cyberscoop.com/legislation-would-designate-critical-cyber-threat-actors-direct-sanctions-against-them/) behind this vulnerability is also exploiting VPN vulnerabilities in products from other vendors, including [Palo Alto Networks](https://www.linkedin.com/company/palo-alto-networks), Fortinet, and F5\. Organizations using affected versions should apply hotfixes immediately or switch to IKEv2 as a mitigation measure.

This is a timely reminder that keeping **legacy protocol** configurations in production environments creates dangerous attack surfaces — and that [DMARC](https://dmarcreport.com/), [SPF](https://dmarcreport.com/dmarc-fundamentals/what-is-spf/), and [DKIM](https://dmarcreport.com/what-is-dkim/) controls reduce the [phishing and spoofing](https://www.msspalert.com/brief/novel-usps-spoofing-phishing-attack-relies-on-malicious-pdfs) vectors that ransomware actors frequently combine with initial access exploits.

## Meta Files Contempt of Court Order Against NSO Group for Fresh WhatsApp Phishing Attacks

Meta-owned WhatsApp says it recently detected and disrupted a spear-phishing attempt linked to **spyware company** [NSO Group](https://www.securityweek.com/whatsapp-catches-spyware-firm-nso-defying-no-hacking-court-order/), allegedly in defiance of a court order that bars the spyware maker from targeting WhatsApp.

Meta claims it disrupted [spear-phishing attempts](https://cybersecuritynews.com/education-sector-under-attack-from-state-espionage/) linked to NSO Group and is asking a US federal court to hold the spyware vendor in contempt for allegedly violating an injunction that bars it from targeting WhatsApp users. “We successfully disrupted NSO-linked social engineering attempts after investigating user reports,” Meta stated. _“They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO.”_ ![Dmarc Check 6804](https://media.mailhop.org/dmarcreport/dmarc-check-6804-1781092275689.jpg)This follows a timeline that includes a May 2025 jury award of **$167.3 million** in punitive damages and **$444,719** in compensatory damages against NSO Group, and an October 2025 permanent injunction barring NSO from ever targeting WhatsApp again.

## Hackers Hijack High-Profile Instagram Accounts by Tricking Meta’s Own AI Chatbot

Hackers took over famous Instagram accounts by tricking Meta’s AI support chatbot. The AI let them change account details without checking who they really were. [Hackers exploited Meta’s AI chatbot](https://memeburn.com/meta-ai-chatbot-security-fail-2026-hackers-took-control-of-instagram-accounts/) to take over high-profile Instagram accounts worth over **$500,000** — with no password cracking needed. _The entire attack reportedly took just a few minutes using a simple, convincingly worded message to Meta’s own support assistant._

Using **AI-generated facial verification**, the attackers bypassed safeguards including [multi-factor authentication](https://www.onelogin.com/learn/what-is-mfa) to convince the automated system they were the rightful account owners. Without any human escalation path, victims found themselves stuck in chatbot loops with no way to reclaim their accounts.

This incident is a **sobering warning:** AI-powered support systems without proper human oversight and guardrails can become the easiest entry point into any platform.

## Instagram Password Reset Bug Leaked Users’ Full Email Addresses and Phone Numbers

A critical logic flaw in Instagram’s web-based account recovery workflow exposed unredacted [user contact information](https://gbhackers.com/instagram-patches-account-recovery-flaw/) — including full email addresses and phone numbers — before Meta rapidly patched it on June 6, 2026\. The vulnerability allowed any unauthenticated user to initiate a standard recovery request for a target username and receive **sensitive account identifiers** in cleartext rather than the intended partially masked format.

Threat actors could leverage harvested email addresses and phone numbers for phishing campaigns, credential stuffing, [SIM-swapping attacks](https://www.foxnews.com/tech/sim-swap-scam-drained-florida-womans-bank-account-minutes), or broader identity correlation across platforms. This was the second major Instagram security lapse of the week, occurring just days after the AI chatbot hijacking incident.

## Dashlane Password Manager Hacked — Encrypted Vaults Stolen via 2FA Brute-Force

![Gmail Dmarc 1307](https://media.mailhop.org/dmarcreport/gmail-dmarc-1307-1781092329935.jpg) [Password manager Dashlane](https://cyberpress.org/dashlane-encrypted-password-vaults/) published a detailed post-incident advisory after a threat actor successfully brute-forced two-factor authentication protections and downloaded encrypted vaults belonging to fewer than 20 personal plan users between May 31 and June 4, 2026\. The attacker’s objective was to bypass [2FA](https://www.uis.edu/its/it-security/two-factor-authentication-2fa) verification by flooding device registration **API endpoints** with a high volume of requests, systematically guessing valid 6-digit one-time tokens.

Dashlane confirmed that the encryption stack using **Argon2 + AES-256-CBC + HMAC-SHA256** makes brute-forcing the Master Password statistically infeasible, and there is no evidence that Dashlane’s internal infrastructure was compromised. Nevertheless, the incident highlights how attackers can exploit peripheral authentication flows even when core encryption holds firm.

## China-Linked Cybercrime Group TA4922 Expands Phishing Attacks Into Europe and Africa

A new [Chinese-speaking cybercrime group](https://www.infosecurity-magazine.com/news/ta4922-global-expansion/) has expanded its reach from **East Asia into Europe and Africa**, while rapidly overhauling the malware it uses to break into corporate networks. According to new analysis from Proofpoint, the actor tracked as **TA4922** is financially motivated and focused on gaining remote access to victim systems for data theft, fraud, and the resale of access. _Historically concentrated on Japan, the group also targets organizations in Taiwan, Korea, Singapore, and India — and in recent months, its campaigns have reached the UK, Germany, Italy, and South Africa_.

Notable tactics include attempts to move conversations from emails to out-of-band communication channels like LINE, WhatsApp, and Microsoft Teams, allowing the attackers to bypass enterprise security controls and steal data or deliver malware. The group’s evolving malware arsenal includes Atlas RAT, RomulusLoader, SilentRunLoader, and variants of ValleyRAT.

## Cisco Unified Communications Manager Flaw Lets Unauthenticated Attackers Gain Root Access

Cisco has patched a bug in **Unified Communications Manager** that lets an unauthenticated attacker on the network write files to the system and, from there, climb to root. It is tracked as [CVE-2026-20230](https://www.techtimes.com/articles/317782/20260604/cisco-unified-cm-ssrf-flaw-cve-2026-20230-public-exploit-code-opens-path-root.htm), and proof-of-concept exploit code is already public.

The flaw allows any attacker with network access to write arbitrary files to the underlying operating system and then escalate to full root control, potentially taking over enterprise **telephony infrastructure** without ever presenting a valid credential. The vulnerability sits inside the Cisco WebDialer Web Service, a browser-based [click-to-dial](https://docs.experianaperture.io/integrations/salesforce-sales-and-service-cloud-lightning/additional-features/click-to-dial-support/) component. _Organizations running Unified CM should upgrade to version 14SU6 immediately, or disable the WebDialer service as an interim measure._ ![What Is Dmarc 3108](https://media.mailhop.org/dmarcreport/what-is-dmarc-3108-1781092354896.jpg)

## Cisco Catalyst SD-WAN Manager Carries Unpatched Command-Injection Flaw — No Fix Yet

On the heels of the Unified CM disclosure, Cisco disclosed another high-severity flaw in [Catalyst SD-WAN Manager](https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html) tracked as CVE-2026-20245, with a **CVSS score of 7.8**, that can allow arbitrary command execution as root — with no patch yet available. The back-to-back Cisco disclosures in the same week highlight ongoing risks in enterprise network communication platforms and the urgency of monitoring Cisco’s PSIRT advisories closely.

## Free Smart TV Apps Are Secretly Enrolling Millions of Devices Into AI Web-Scraping Proxy Networks

[Free apps available on Samsung](https://thedesk.net/2026/06/samsung-ads-free-streaming-report-reach/), LG, Roku, and other major smart TV platforms have been quietly enrolling millions of living room devices into a web-scraping proxy network. The most significant platform involved is PlayWorks Digital, which builds casual games and interactive content baked into TV ecosystems, reaching an estimated **250 million smart TV** homes through partnerships with Samsung, LG, Vizio, Roku, Comcast, Cox, and Sky.

While the SDK vendor claims consent is obtained through an opt-in screen, **security experts** note the consent terms are not meaningfully clear to most users. _Smart TVs, which remain connected around the clock and are rarely monitored the way phones or PCs are, represent an attractive and largely invisible proxy pool for data harvesting operations._

## Pirated PC Games Delivering Password-Stealing Malware to 400,000+ Devices Worldwide

![Dmarc Report 3970](https://media.mailhop.org/dmarcreport/dmarc-report-3970-1781092385914.jpg)Cybercriminals are hiding malware in cracked and repacked games, [infecting more than 400,000 devices](https://www.pcmag.com/news/malware-hidden-in-pirated-games-infects-400000-devices) worldwide. At the time of writing, this loader is trying to deliver an infostealer called ARC, which can grab saved browser passwords, cookies, [cryptocurrency wallets](https://www.investopedia.com/terms/b/bitcoin-wallet.asp), [autofill data](https://superuser.com/questions/1839923/how-to-obtain-chrome-complete-list-of-autofill-data-for-text-fields-such-as-use), system details, and **clipboard contents**.

Other payloads being dropped include Rhadamanthys stealer, Async Remote Access Trojan, and Backdoor.XWorm, which can expand the damage from credential theft to full remote control of the machine — meaning account takeovers, financial fraud, [crypto theft](https://www.cnbc.com/2025/07/17/crypto-theft-hits-record-in-2025.html), and deeper compromise of personal or work data. _The lesson is clear: “free” cracked software is one of the most reliable delivery mechanisms for malware, not a bargain._

## FBI: Americans Lost Nearly $900 Million to AI-Powered Scams in 2025

Deepfakes, voice cloning, and other [AI-powered scams](https://www.malwarebytes.com/blog/scams/2026/06/americans-lost-nearly-900-million-to-ai-powered-scams-fbi-says) cost Americans nearly **$900 million** in 2025, according to the [2025 FBI Internet Crime Report](https://www.fastcompany.com/91549214/fbi-2025-internet-crime-report-6-takeaways). The staggering figure reflects the accelerating role of generative AI in enabling convincing fraud at scale — from fake executive voice calls demanding wire transfers to deepfake video calls impersonating family members in distress.

_This trend reinforces why organizations must train employees to verify requests through a second, trusted channel — regardless of how authentic the voice, face, or email may appear._

## Infostealers Are Now the Go-To Phishing Payload, Surpassing Traditional Malware

![Dmarc Analyzer 3917](https://media.mailhop.org/dmarcreport/dmarc-analyzer-3917-1781092418626.jpg) [Cybercriminals](https://informationsecuritybuzz.com/leak-hsbc-customer-data-bank-denies-breach/) prefer infostealers to traditional phishing techniques because they reduce friction, scale well, and are widely available. Unlike ransomware, which announces itself loudly, infostealers operate silently — [harvesting browser credentials](https://cyble.com/blog/multi-brand-phishing-campaign-harvests-credentials/), session cookies, [crypto wallets](https://www.investing.com/news/company-news/rumble-adds-tethers-usa-stablecoin-to-integrated-crypto-wallet-93CH-4511215), and corporate login tokens and exfiltrating them before the victim ever notices.

**Security researchers** note that the rise of infostealer-as-a-service platforms on the dark web has dramatically lowered the barrier to entry for cybercriminals, making credential theft the entry point of choice for subsequent ransomware deployment, [business email compromise](https://www.bitdefender.com/en-gb/blog/hotforsecurity/fraudsters-ghana-100-million-romance-bec), and account takeover attacks.

## Thousands of Legitimate Websites Hijacked in Massive ClickFix and FakeUpdate Campaign

A large-scale [hacking campaign](https://www.s-rminform.com/cyber-intelligence-briefing/cyber-intelligence-briefing-5-june-2026) has compromised thousands of legitimate websites, silently redirecting visitors to malicious pages. Victims encounter fake ClickFix prompts that trick them into running malicious commands, or fake browser update pages that [deliver malware disguised](https://www.brecorder.com/news/40424044/january-to-may-2026-kaspersky-detects-over-92000-malware-attacks-disguised-as-ai-services) as routine updates.

The ClickFix technique is particularly insidious because it exploits user trust — a **legitimate-looking website** presents an error message with a “fix,” asking the visitor to copy and paste a command into their system. The command then silently installs an infostealer or backdoor.

## Meta’s AI Support Bot Flaw Exploited — A Warning for Businesses Deploying AI Customer Support

The [Meta AI chatbot](https://www.fdd.org/analysis/2026/06/09/pro-iran-hackers-outsmart-meta-ai-chatbot-access-high-profile-accounts/) incident this week (see #3 above) has broader implications beyond Instagram. Meta patched the vulnerability in early June 2026 but hasn’t revealed how many accounts were compromised. _Businesses rushing to deploy AI-powered customer support tools — whether for account recovery, password resets, or identity verification — must ensure these systems include mandatory human escalation paths, audit logging, and robust identity verification that cannot be fooled by social engineering alone._

**The risk is not just theoretical:** AI support bots that can modify accounts represent an entirely new attack surface that most security frameworks have not yet accounted for.![Dmarc Record Generator 5091](https://media.mailhop.org/dmarcreport/dmarc-record-generator-5091-1781091911741.jpg)

## Check Point Also Discloses Second VPN Vulnerability — CVE-2026-50752 Enables Man-in-the-Middle Attacks

Beyond the critical zero-day (see #1 above), Check Point also identified a second vulnerability, [CVE-2026-50752](https://www.scworld.com/brief/check-point-patches-critical-vpn-flaw-exploited-in-zero-day-attacks), related to **certificate validation** in IKEv1, which could be used in man-in-the-middle attacks on site-to-site VPNs, though no exploitation has been confirmed in the wild for this second flaw.

The double disclosure in a single week from a major security vendor underscores how **legacy protocol support** — particularly the aging IKEv1 — continues to create compounding risk for enterprise environments. Security teams should treat both CVEs as urgent priorities and review all VPN configurations for deprecated protocols.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Intermediate 4m  10 Reasons Why DKIM Fails  Apr 19, 2022 ](/blog/10-reasons-why-dkim-fails/)[  Intermediate 8m  Best DMARC Reporting Tools in 2026: Honest Comparison  Mar 25, 2026 ](/blog/best-dmarc-reporting-tools-2026/)[  Intermediate 8m  Decoding I-Tag DKIM Vulnerability and Its Impact on Email Deliverability and Security  Jun 6, 2024 ](/blog/decoding-i-tag-dkim-vulnerability-and-its-impact-on-email-security/)[  Intermediate 3m  Device Code Phishing, iOS 18 Relief, Global Fraud Disrupted  Apr 9, 2026 ](/blog/device-code-phishing-ios-18-relief-global-fraud-disrupted/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Critical VPN Exploitation, WhatsApp Phishing Dispute, Instagram Accounts Hijacked","description":"Cybersecurity roundup: Check Point VPN exploits, Meta-NSO clash, Instagram account hijacks, Dashlane breach, Cisco flaws, and rising cyber threats.","url":"https://dmarcreport.com/blog/critical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked/","datePublished":"2026-06-10T00:00:00.000Z","dateModified":"2026-06-10T00:00:00.000Z","dateCreated":"2026-06-10T00:00:00.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/critical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked/"},"articleSection":"intermediate","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/gmail-dmarc-3978-1781092981136.jpg","caption":"cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://dmarcreport.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Critical VPN Exploitation, WhatsApp Phishing Dispute, Instagram Accounts Hijacked","item":"https://dmarcreport.com/blog/critical-vpn-exploitation-whatsapp-phishing-dispute-instagram-accounts-hijacked/"}]}
```