Tag: email
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
Tags: attack, china, cyber, email, espionage, finance, government, group, phishing, service, spear-phishing, technologyA new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments First seen on…
-
Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives
Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users’ browser, crypto, and Discord data. First seen on hackread.com Jump to article: hackread.com/purchase-emails-fileless-purelogs-malware-rar-archives/
-
Security Affairs newsletter Round 579 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers Signal Phishing Campaign Targets Journalists and…
-
Malicious PDF LNK Files Deploy Cobalt Strike in Operation Dragon Whistle
A newly uncovered cyber campaign dubbed “Operation Dragon Whistle” is targeting China’s education sector with highly tailored spear-phishing attacks that deploy Cobalt Strike beacons via deceptive PDF/LNK files. The attackers crafted emails that impersonate official university communications, urging students and faculty to review an important testing notice. The message includes a ZIP attachment named in…
-
Product showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scams
F-Secure Internet Security protects against viruses, ransomware, spyware, infected email attachments, and other cyber threats. It focuses on securing devices and online … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/26/product-showcase-f-secure-internet-security-android/
-
Demystifying Claude: Signal vs. Speculation
What Claude Mythos Reveals About AI Capability, Control and Risk A researcher’s phone buzzed with an email from an AI that wasn’t supposed to have internet access. The real story isn’t about rogue machines; it’s about what happens when AI capability outpaces our ability to interpret, validate and govern it. First seen on govinfosecurity.com Jump…
-
Security Affairs newsletter Round 578 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Why pure extortion is…
-
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure is Prometheus, a legitimate Ukrainian online learning platform that many government employees actually use. Using…
-
FBI Director’s Former Apparel Brand Hit by Malware
Malware Targeted macOS Users Visiting Patel Foundation Merchandise Page. Two months after Iran-linked hackers exfiltrated FBI Director Kash Patel’s personal email, the government official’s name is tangled up in another cyber incident, this time through a MAGA swag shop he co-founded. ClickFix malware on the site tried to trick shoppers into running a malicious command.…
-
Ocean Targets AI Email Attacks
First seen on scworld.com Jump to article: www.scworld.com/brief/ocean-targets-ai-email-attacks
-
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country.The activity, per the Computer Emergency Response Team of Ukraine (CERT-UA), involves sending phishing emails to government First seen on…
-
Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised as messages from a popular online learning platform to deliver malware. First seen on therecord.media Jump to article: therecord.media/oysterfresh-belarus-linked-campaign-targets-ukraine
-
‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says
Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists. First seen on wired.com Jump to article: www.wired.com/story/creepy-listening-tool-for-targeted-ads-didnt-actually-work-ftc-says/
-
‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says
Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists. First seen on wired.com Jump to article: www.wired.com/story/creepy-listening-tool-for-targeted-ads-didnt-actually-work-ftc-says/
-
Scammers are abusing an internal Microsoft account to send spam links
The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/21/scammers-are-abusing-an-internal-microsoft-account-to-send-spam/
-
Customers say Trump Mobile is leaking their personal information
Trump Mobile is leaking customers’ email and home addresses, but has not responded to people alerting the company of the data exposure, according to two YouTubers who said they verified that their leaked data is authentic. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/20/customers-say-trump-mobile-is-leaking-their-personal-information/
-
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Ocean, an agentic email security platform, raised funding from Lightspeed Venture Partners. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/from-teen-hacker-to-iron-dome-researcher-this-founder-raised-28m-to-fight-ai-phishing/
-
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance.”These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the internal…
-
Public Instagram posts provide raw material for AI phishing campaigns
A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at Arlington … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/19/social-media-phishing-ai-generated-emails/
-
SEPPmail Gateway Flaws Expose Organizations to RCE and Email Traffic Interception
Multiple critical vulnerabilities in the SEPPmail Secure E-Mail Gateway are putting thousands of organizations at risk of remote code execution (RCE) and the interception of sensitive email. The flaws, tracked under several CVEs, impact widely deployed SEPPmail appliances used for encrypted email communication, particularly across the DACH region (Germany, Austria, Switzerland). Security researchers warn that…
-
How to Reduce Phishing Exposure Before It Turns into Business Disruption
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread.Early phishing detection closes…
-
Paper Werewolf APT Spreads EchoGather RAT via Fake Adobe Installer
A sophisticated Russian-language threat cluster known asPaper Werewolf(also tracked as GOFFEE) has launched a fresh wave of targeted cyberattacks against Russian industrial, financial, and transport organizations between March and April 2026. The attack begins with a phishing email carrying a PDF attachment. Embedded inside the PDF is a URL pointing to a ZIP archive named…
-
Hackers Hide PureLogs Infostealer in PawsRunner Loader
Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack begins with a phishing email carrying a TXZ archive attachment. Disguised as an urgent invoice, the file pressures victims into opening it quickly. Once extracted, the archive reveals a JavaScript file…
-
Security Affairs newsletter Round 577 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores Pwn2Own Berlin 2026, Day Three: DEVCORE…
-
Expired domain leads to supply chain attack on node-ipc npm package
require(‘node-ipc’). The trojanized versions were designed to remain fully functional to avoid immediate detection, which together with other decisions attackers took, such as data exfiltration via DNS TXT, suggest stealthiness was a top priority.Once executed, the malicious code collects information about the host system, including operating system version, hostname, and environment variables. It then starts…
-
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
Tags: automation, data, email, malicious, microsoft, mitigation, risk, service, tactics, update, vulnerability, zero-dayKnown issues with mitigation tactics: However, admins should note there are known issues once the mitigation is applied either manually or automatically through the EM Service.OWA Print Calendar functionality might not work. As a workaround, copy the data or screenshot the calendar you want to print, or use Outlook Desktop client. Inline images might not…
-
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-42897 (CVSS score: 8.1), has been described as a spoofing bug stemming from a cross-site scripting flaw. An anonymous researcher has been credited with discovering and reporting the…
-
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cyber-enabled-cargo-crime-how-cybercrime-tradecraft-is-used-to-steal-freight/

