Friday, April 4, 2025

Phishing

New Phishing Campaign Targets Investors to Steal Login Credentials

Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and...

Hackers Exploit Cloudflare for Advanced Phishing Attacks

A sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes....

New Surge of IRS-Themed Attacks Targets Taxpayers’ Mobile Devices

As the U.S. tax filing deadline approaches, cybercriminals are intensifying their efforts to exploit taxpayers through a new wave of IRS-themed scams.Research from...

Hackers Distributing Phishing Malware Via SVG Format To Bypass File Detection

Cybersecurity experts at the AhnLab Security Intelligence Center (ASEC) have uncovered a novel phishing malware distribution method leveraging the Scalable Vector Graphics (SVG) file...

Gamaredon Hackers Weaponize LNK Files to Deliver Remcos Backdoor

Cisco Talos has uncovered an ongoing cyber campaign by the Gamaredon threat actor group, targeting Ukrainian users with malicious LNK files to deliver the...

Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands

Cybersecurity researchers have discovered a sophisticated phishing-as-a-service (PhaaS) platform, dubbed "Morphing Meerkat," that leverages DNS mail exchange (MX) records to dynamically serve tailored phishing...

Hackers Exploit MailChimp Email Marketing Platform Using Phishing and Social Engineering Tactics

Cybercriminals are increasingly targeting MailChimp, a popular email marketing platform, through sophisticated phishing and social engineering attacks.Recent incidents reveal compromised accounts being used...

Large-Scale Phishing Campaign Targets Defense and Aerospace Companies

A recent investigation by DomainTools Investigations (DTI) has uncovered a massive phishing infrastructure targeting defense and aerospace entities, particularly those linked to the conflict...

Lucid PhAAS Platform Uses RCS and iMessage to Evade Detection

The cybersecurity landscape has been disrupted by the emergence of Lucid, a sophisticated Phishing-as-a-Service (PhAAS) platform developed by Chinese-speaking threat actors.This advanced toolkit...

New Phishing Campaign Targets Mac Users to Steal Login Credentials

A sophisticated phishing campaign, recently identified by LayerX Labs, has shifted its focus from Windows users to Mac users in response to enhanced security...

New Phishing Attack Uses Browser-in-the-Browser Technique to Target Gamers

A sophisticated phishing campaign has been uncovered by Silent Push threat analysts, employing the browser-in-the-browser (BitB) technique to target gamers, particularly those playing Counter-Strike...