Tag: phishing
-
UNK_SmudgedSerpent Targets Academics With Political Lures
A previously unknown cyber actor UNK_SmudgedSerpent has been observed targeting academics with phishing and malware, merging techniques from Iranian groups First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/unksmudgedserpent-targets-academics/
-
APT60 Campaign: Malicious VHDX Hosted on Google Drive Lures Job Applicants
JPCERT/CC has issued an urgent warning about ongoing attacks by the advanced persistent threat group APT-C-60, which continues to target recruitment professionals in Japan through sophisticated spear-phishing campaigns. The attack campaign specifically impersonates job seekers contacting recruitment staff, exploiting the natural workflow of human resources professionals who regularly review candidate submissions. Between June and August…
-
HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. Key takeaways: Tenable Research has discovered multiple new and persistent vulnerabilities in OpenAI’s ChatGPT that could allow an attacker to exfiltrate private information from users’ memories and…
-
HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. Key takeaways: Tenable Research has discovered multiple new and persistent vulnerabilities in OpenAI’s ChatGPT that could allow an attacker to exfiltrate private information from users’ memories and…
-
HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. Key takeaways: Tenable Research has discovered multiple new and persistent vulnerabilities in OpenAI’s ChatGPT that could allow an attacker to exfiltrate private information from users’ memories and…
-
APT60 Campaign: Malicious VHDX Hosted on Google Drive Lures Job Applicants
JPCERT/CC has issued an urgent warning about ongoing attacks by the advanced persistent threat group APT-C-60, which continues to target recruitment professionals in Japan through sophisticated spear-phishing campaigns. The attack campaign specifically impersonates job seekers contacting recruitment staff, exploiting the natural workflow of human resources professionals who regularly review candidate submissions. Between June and August…
-
Silent Lynx APT New Attack Targeting Governmental Employees Posing as Officials
Seqrite Labs’ APT Team has documented fresh campaigns from Silent Lynx, a sophisticated threat actor group known for orchestrating spear-phishing operations that impersonate government officials to target diplomatic and governmental employees across Central Asia. The group, also tracked under aliases including YoroTrooper, Sturgeon Phisher, and Cavalry Werewolf, continues its espionage-focused activities with minimal operational security…
-
NDSS 2025 The Philosopher’s Stone: Trojaning Plugins Of Large Language Models
Tags: attack, conference, control, data, defense, exploit, LLM, malicious, malware, network, open-source, phishing, spear-phishingSESSION Session 2A: LLM Security Authors, Creators & Presenters: Tian Dong (Shanghai Jiao Tong University), Minhui Xue (CSIRO’s Data61), Guoxing Chen (Shanghai Jiao Tong University), Rayne Holland (CSIRO’s Data61), Yan Meng (Shanghai Jiao Tong University), Shaofeng Li (Southeast University), Zhen Liu (Shanghai Jiao Tong University), Haojin Zhu (Shanghai Jiao Tong University) PAPER The Philosopher’s Stone:…
-
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus.According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs…
-
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus.According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs…
-
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform, which emerged in August 2023, has become a formidable adversary against organizational security, employing advanced evasion techniques and adversary-in-the-middle (AiTM) strategies to bypass multi-factor authentication protections. According to the Any.run malware trends tracker, Tycoon 2FA…
-
OAuth Device Code Phishing: Azure vs. Google Compared
Device code phishing abuses the OAuth device flow, and Google and Azure produce strikingly different attack surfaces. Register for Huntress Labs’ Live Hack to learn about attack techniques, defensive tactics, and get an Identity Security Assessment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oauth-device-code-phishing-azure-vs-google-compared/
-
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/03/russian-belarusian-military-spear-phishing/
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
Webformulare als Phishing-Einfallstor
Cyberkriminelle entwickeln ihre Methoden stetig weiter, um Phishing-Angriffe glaubwürdiger zu gestalten und Sicherheitsmechanismen zu umgehen. Der jüngste Bericht des KnowBe4-Threat-Lab zeigt, wie Angreifer zunehmend legitime Kommunikationskanäle missbrauchen, von kompromittierten E-Mail-Konten bis hin zu Webformularen auf seriösen Websites. Von BEC zu CBC: Wenn ganze Unternehmen kompromittiert werden Business-E-Mail-Compromise (BEC) zählt seit Jahren zu den effektivsten […]…
-
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
Tags: attack, backdoor, cyberattack, email, korea, north-korea, phishing, spear-phishing, threat, vpnThe North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea.Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained a…
-
Webformulare als Phishing-Einfallstor: KnowBe4 Threat Lab warnt vor Complete Business Compromise
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/webformulare-phishing-einfallstor-knowbe4-threat-lab-warnung-complete-business-compromise
-
Webformulare als Phishing-Einfallstor: KnowBe4 Threat Lab warnt vor Complete Business Compromise
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/webformulare-phishing-einfallstor-knowbe4-threat-lab-warnung-complete-business-compromise
-
New Email Security Technique Prevents Phishing Attacks Behind NPM Breach
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical first line of defense against supply chain attacks. Threat actors successfully compromised multiple high-profile NPM developer accounts through a sophisticated phishing campaign, inserting malicious code into 20 popular packages that collectively received nearly 2.8 billion…