Tag: email
-
Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/microsoft-spots-llm-obfuscated-phishing-attack/
-
New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
A fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI maintainers. As malicious actors continually swap out domain names, PyPI users must remain vigilant and adopt stronger safeguards to protect their accounts. In this latest iteration, maintainers receive an unsolicited email urging them to “verify…
-
SpamGPT Amps Up Enterprise Email Security Threats
Researchers warn that SpamGPT, an AI-powered spam and phishing toolkit, lowers the barrier for cybercriminals with scalable, evasive email attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/spamgpt-amps-up-enterprise-email-security-threats/
-
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity. “Libraesva ESG is affected by a command injection flaw that can be triggered by a malicious…
-
Iran Targets Job-Seeking European Aerospace Engineers
Iranian Hackers Impersonate Online Recruiters. Western Europeans working in aerospace, defense manufacturing or telecoms are receiving waves of emails from putative job recruiters who actually are Iranian state hackers ready to unleash a backdoor and an infostealer. Check Point tracks the threat actor as Nimbus Manticore. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-targets-job-seeking-european-aerospace-engineers-a-29517
-
OpenAI Fixes Gmail Data Flaw in ChatGPT Agent
Attackers Could Siphon Gmail Data Unnoticed From Users Who Let AI Tool Access Email. OpenAI patched a flaw in ChatGPT’s Deep Research agent that could have enabled hackers to extract Gmail data without the user’s knowledge. Radware researchers said the flaw affected subscribers who authorized the artificial intelligence tool to access their email accounts. First…
-
Libraesva ESG issues emergency fix for bug exploited by state hackers
Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/libraesva-esg-issues-emergency-fix-for-bug-exploited-by-state-hackers/
-
‘Our worst day’: The untold story of the Electoral Commission cyber attack
As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366631525/Our-worst-day-The-untold-story-of-the-Electoral-Commission-cyber-attack
-
How Do Online Gaming Sites Keep Players and Their Data Safe?
Online gaming relies on trust. Players share their email addresses, payment details, and activity data every time they log in. Without strong protection, that information could be exposed or misused. Platforms treat security as part of the service itself, not an extra feature. Encryption, identity checks, system defenses, and fraud monitoring all run in the…
-
New npm Malware Steals Browser Passwords via Steganographic QR Code
A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the npm alias janedu (registration email janedu0216@gmail[.]com), the package masquerades as a harmless JavaScript/TypeScript utility library while quietly…
-
6 novel ways to use AI in cybersecurity
2. Machine-learning generative adversarial networks: Michel Sahyoun, chief solutions architect with cybersecurity technology firm NopalCyber, recommends using generative adversarial networks (GANs) to create, as well as protect against, highly sophisticated previously unseen cyberattacks. “This technique enables cybersecurity systems to learn and adapt by training against a very large number of simulated threats,” he says. GANs allow…
-
EV charging biz zaps customers with data leak scare
Names, emails unplugged in DCS support snafu but ‘billing is safe’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/dcs_data_breach/
-
Libraesva ESG Vulnerability Allows Attackers to Execute Malicious Commands
A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands through specially crafted compressed email attachments. The vulnerability, designated CVE-2025-59689, affects versions starting from 4.5 and has already been exploited by what appears to be a foreign state actor. Diagram showing how command injection attacks…
-
Microsoft DCU’s Takedown of RaccoonO365
When I saw the name of the Microsoft Digital Crime Unit’s latest target, “RaccoonO365”, I probably reacted to it differently than most. With the help of a friend in Lagos, we’ve been watching the money launderers and things have reached a point that they now refer to what we previously called “Business Email Compromise” or…
-
Fake Ukrainian Police Emails Spread New CountLoader Malware Loader
A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker. First seen on hackread.com Jump to article: hackread.com/fake-ukrainian-police-emails-countloader-malware-loader/
-
Why attackers are moving beyond email-based phishing attacks
Phishing isn’t just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishing where it happens, inside the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-attackers-are-moving-beyond-email-based-phishing-attacks/
-
AI-powered phishing scams now use fake captcha pages to evade detection
The attack playbook: The phishing campaigns follow a familiar playbook at the outset. Victims typically receive spam emails that carry urgent, action-oriented messages such as “Password Reset Required” or “USPS Change of Address Notification”. Clicking on the embedded link doesn’t take the user directly to a credential-stealing site but instead loads what appears to be a…
-
Car giant Stellantis says customer data nicked after partner vendor pwned
Automaker insists only names and emails exposed, no financials First seen on theregister.com Jump to article: www.theregister.com/2025/09/22/stellantis_breach/
-
Cybercriminals Exploit ICS Computers via Scripts and Phishing Attacks
Industrial control systems (ICS) continue to face increasing cybersecurity challenges as threat actors employ sophisticated malicious scripts and phishing campaigns to target critical infrastructure. According to new data from Q2 2025, while overall attack rates have shown a marginal decline, specific threat vectors including email-based attacks and malicious documents are intensifying their assault on industrial…
-
Security Affairs newsletter Round 542 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyberattack on Collins Aerospace disrupted operations at major European airports CISA warns of malware deployed…
-
New Botnet Exploits Simple DNS Flaws That Leads to Massive Cyber Attack
Cybersecurity researchers have uncovered a sophisticated Russian botnet operation that leveraged DNS misconfigurations and compromised MikroTik routers to deliver malware through massive spam campaigns. The discovery reveals how threat actors exploited simple DNS errors to bypass email security protections and distribute malicious payloads on a global scale. The investigation began in November 2024 when researchers…
-
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT’s Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by…
-
‘ShadowLeak’ ChatGPT Attack Allows Hackers to Invisibly Steal Emails
The loophole allows cyberattackers to exfiltrate company data via OpenAI’s infrastructure, leaving no trace at all on enterprise systems. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/shadowleak-chatgpt-invisibly-steal-emails

