Cyber Security News
Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection
The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers to launch increasingly sophisticated phishing campaigns.One such advanced PhaaS platform, Tycoon, has seen widespread...
Cyber Crime
FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages
Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram and use unique URLs...
Cyber Security News
Hackers Exploiting California Wildfire Sparks to Launching Phishing Attacks
As California grapples with devastating wildfires, communities are rallying to protect lives and property. Unfortunately, these disasters have also created an opportunity for cybercriminals...
Cyber Crime
Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree...
Cyber Crime
Hackers Targeting Users Who Lodged Complaints On Government portal To Steal Credit Card Data
Fraudsters in the Middle East are exploiting a vulnerability in the government services portal. By impersonating government officials, they target individuals who have filed...
Cyber Security News
Beware! Fake Crowdstrike Recruitment Emails Spread Cryptominer Malware
CrowdStrike, a leader in cybersecurity, uncovered a sophisticated phishing campaign that leverages its recruitment branding to propagate malware disguised as an "employee CRM application."This...
Cyber Security News
New PayPal Phishing Abusing Microsoft365 Domains for Sophisticated Attacks
A new and sophisticated phishing scam has been uncovered, leveraging Microsoft 365 domains to trick users into compromising their PayPal accounts.The attack exploits legitimate-looking...
Cyber Crime
New WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment Data
Cybercriminals have developed PhishWP, a malicious WordPress plugin, to facilitate sophisticated phishing attacks, which enable attackers to create convincing replicas of legitimate payment gateways,...
Cyber Crime
Hackers Mimic Social Security Administration To Deliver ConnectWise RAT
A phishing campaign spoofing the United States Social Security Administration emerged in September 2024, delivering emails with embedded links to a ConnectWise Remote Access...
Cyber Security News
Researchers Uncover Phishing-As-A-Service Domains Associated With Tycoon 2FA
The Tycoon 2FA platform is a Phishing-as-a-Service (PhaaS) tool that enables cybercriminals to easily launch sophisticated phishing attacks targeting two-factor authentication (2FA). It provides a...
Cyber Security News
New Python NodeStealer Attacking Facebook Business To Steal Login Credentials
NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets Facebook Ads Manager accounts, stealing sensitive financial and business...