Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms. Phishing campaigns are delivered via Telegram…
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains,…
Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the Ukrainian Union of Industrialists and…
Cybercriminals online take advantage of well-known events to register malicious domains with keywords related to the event, with the intention…
Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare's…
The threat actors distributed malicious JS scripts disguised as legitimate business documents, primarily in ZIP archives with names like "Purchase…
APT-C-60 launched a phishing attack in August 2024, targeting domestic organizations with malicious emails disguised as job applications. These emails,…
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims to fake login pages hosted…
North Korean IT workers, operating under the cluster CL-STA-0237, have been implicated in recent phishing attacks leveraging malware-infected video conference…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks involve…