Tuesday, April 29, 2025

Email

Hackers Weaponize Google Forms to Bypass Email Security and Steal Login Credentials

Threat actors are increasingly leveraging Google Forms, the tech giant’s widely-used form and quiz-building tool, to orchestrate sophisticated phishing and malware distribution campaigns. Since its launch in 2008, Google Forms...

Fake Certificate Issued for Alibaba Cloud After SSL.com Validation Trick

A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain TLS certificates for high-profile domains, including Alibaba Cloud’s aliyun.com, researchers revealed...

Cybercriminals Deploy FOG Ransomware Disguised as DOGE via Malicious Emails

A new variant of the FOG ransomware has been identified, with attackers exploiting the name of the Department of Government Efficiency (DOGE) to mislead...

Threat Actors Leverage Email Bombing to Evade Security Tools and Conceal Malicious Activity

Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious endeavors. Email bombing, known also as a "spam bomb," involves...

Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages

Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool. Initially capable of mimicking login...

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute...

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams. The...

Malicious PDFs Responsible for 22% of All Email-Based Cyber Threats

Malicious PDF files have emerged as a dominant threat vector in email-based cyberattacks, accounting for 22% of all malicious email attachments, according to a...

Hackers Exploit MailChimp Email Marketing Platform Using Phishing and Social Engineering Tactics

Cybercriminals are increasingly targeting MailChimp, a popular email marketing platform, through sophisticated phishing and social engineering attacks. Recent incidents reveal compromised accounts being used...

Threat Actors Use Fake Booking.com Emails to Deceive Hotel Staff and Gain System Access

A sophisticated phishing campaign targeting the hospitality industry has been uncovered, with threat actors impersonating Booking.com to gain access to hotel systems and customer...

Hackers Use Fake Meta Emails to Steal Ad Account Credentials

A recent phishing campaign uncovered by the Cofense Phishing Defense Center (PDC) has been exploiting fake Meta emails to deceive users into surrendering their...