Browser
Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems
The notorious Tycoon 2FA phishing kit continues its evolution with new strategies designed to slip past endpoint detection systems.This development was highlighted in a recent analysis, showcasing several...
cyber security
Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials
Smishing Triad, a Chinese eCrime group, has launched an extensive operation targeting users across more than 121 countries.This campaign, primarily focused on stealing banking...
cyber security
GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks
The threat actor known as GOFFEE has launched a series of targeted attacks against critical sectors within the Russian Federation, utilizing advanced malware and...
APT
Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA
Russian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments,...
Cyber Attack
Scattered Spider Launches Sophisticated Attacks to Steal Login Credentials and MFA Tokens
The cyber threat landscape has witnessed remarkable adaptation from the notorious hacker collective known as Scattered Spider.Active since at least 2022, this group...
cyber security
Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors
The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors....
cyber security
New GIFTEDCROOK Stealer Targets Government Organizations to Exfiltrate Sensitive Data
Cybersecurity experts have uncovered an alarming escalation in cyber-espionage operations targeting Ukrainian critical sectors, as outlined in CERT-UA's latest alert, CERT-UA#14303.The campaign, attributed...
cyber security
Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool.Initially capable of mimicking login...
AI
AI Surpasses Elite Red Teams in Crafting Effective Spear Phishing Attacks
In a groundbreaking development in the field of cybersecurity, AI has reached a pivotal moment, surpassing elite human red teams in the creation of...
cyber security
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams.The...
Android
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
A surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation.These scams, which have been hitting...