The data and endpoint security landscape is always changing, and news happens fast. Each week we recap some of the top security news stories to help you stay informed. Here’s what happened this week.

Using what’s known as an angler phishing scheme,  several fake PayPal support accounts have popped up on Twitter lately. Users who tweet to @PayPal looking for help, instead get an answer from one of these fake accounts, who direct them to a login page that can harvest their username and password.

For those following this year’s UK Cyber Security Challenge, ten more finalists have been announced, bringing the total up to 42 cybersecurity challengers who will compete in November.

Another old hack has resulted in a present-day data breach. More than 98 million users have been affected in a data leak from the 2012 hack of Rambler.ru, a popular Russian search engine.

An investigation was released this week concerning the two data breaches that occurred at the U.S. Office of Personnel Management (OPM), which were detected in 2014 and 2015. The result? Both breaches could have been either mitigated or prevented if the federal agency had followed basic cyber security recommendations.

Google plans to roll out some new security enhancements with Android Nougat, including better boot process and better encryption.