Tag: phishing
-
GTFire Phishing Campaign Exploits Google Services to Bypass Detection and Harvest Credentials
GTFire is a large-scale phishing scheme that abuses multiple Google services to hide malicious infrastructure, evade security tools, and steal credentials from organizations worldwide. GTFire is a credential-harvesting operation that chains Google Firebase Hosting and Google Translate to deliver phishing pages that look like legitimate brand logins. Attackers host fake login portals on Firebase .web.…
-
Purchase order attachment isn’t a PDF. It’s phishing for your password
A fake purchase order attachment turned out to be a phishing page designed to harvest your login details. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/purchase-order-attachment-isnt-a-pdf-its-phishing-for-your-password/
-
A scorecard for cyber and risk culture
Tags: access, automation, awareness, breach, business, compliance, control, credentials, cyber, finance, governance, identity, jobs, metric, mitigation, phishing, risk, service, strategy, tool, trainingWhen someone asks for an exception.When a change goes in late.When an alert fires at 2 a.m.When a junior analyst spots something odd and wonders if it’s worth escalating.When an executive wants speed, and the team wants safety. Ownership means people act like the risk is partly theirs. They don’t outsource judgment to “security.” They…
-
OCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 Infrastructure
OCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates content behind a bogus CAPTCHA and then instructs users to open PowerShell and paste a pre-copied command, a hallmark of…
-
Jobbezogene Phishing-Kampagnen und ClickFix-Angriffe auf Entwickler
PurpleBravo steht exemplarisch für eine neue Generation staatlich unterstützter Cyberangriffe, die nicht nur technische Schwachstellen, sondern gezielt berufliche Prozesse ausnutzen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jobbezogene-phishing-kampagnen-und-clickfix-angriffe-auf-entwickler/a43880/
-
Für Vishing-Calls: Hackergruppe sucht Frauen, die auf den Punkt kommen
Tags: phishingDie Cybergang Scattered Lapsus$ Hunters will offenbar beim Voice-Phishing effektiver werden. Weibliche Stimmen sollen dabei helfen. First seen on golem.de Jump to article: www.golem.de/news/social-engineering-beruechtigte-hackergruppe-sucht-frauen-fuers-team-2602-205927.html
-
Hackers Use 1Campaign to Hide Malicious Ads From Google Reviewers
Varonis Threat Labs reveals 1Campaign, a platform used to trick Google Ads and hide phishing pages. Learn how this cloaking tool targets real users while evading security. First seen on hackread.com Jump to article: hackread.com/hackers-1campaign-hide-malicious-ads-google-reviewers/
-
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor
UAT-10027 campaign is targeting U.S. education and healthcare sectors to deploy a new Dohdoor backdoor. Cisco Talos has identified a new threat cluster, tracked as UAT-10027, targeting U.S. education and healthcare organizations since at least December 2025 to deploy a previously unseen backdoor named Dohdoor. Initial access likely occurs through phishing, triggering a PowerShell script…
-
Fake Avast Website Targets Users With Euro499 Phishing Refund Scam
Fraudsters clone Avast’s website to target French users with a Euro499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data. First seen on hackread.com Jump to article: hackread.com/fake-avast-website-phishing-refund-scam/
-
Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/32m-phishing-emails-detected-2025/
-
Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/32m-phishing-emails-detected-2025/
-
How to report suspicious activity to Spamhaus (with all the right info!)
Cybercriminals never rest but anyone can play a role in stopping them. Sharing malicious activity is one of the most important ways we can strengthen safety on the internet. Spamhaus Threat Intel Community brings individuals and organizations together to share threat data and block spam, phishing, and malware campaigns worldwide. Find out how you can…
-
Scattered Lapsus$ Hunters seeks women for vishing attacks
The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/26/slh-seeks-women-for-vishing-attacks/
-
Malicious Ads Bypass Google Ads Screening via New Campaign Platform Exploit
A sophisticated cloaking platform called 1Campaign, designed to help attackers run malicious Google Ads campaigns while evading detection. The service acts as a full”‘service infrastructure for malvertising, filtering out researchers and automated scanners to keep phishing and cryptocurrency drainer sites online for extended periods. Operated by a developer using the alias DuppyMeister, 1Campaign has been…
-
Steaelite RAT combines data theft and ransomware management capability in one tool
Tags: access, android, attack, authentication, awareness, business, corporate, credentials, crypto, cybercrime, data, ddos, defense, encryption, endpoint, extortion, infection, infosec, malware, mobile, monitoring, password, phishing, ransomware, rat, remote-code-execution, theft, threat, tool, training, windowsCSO that this isn’t the most sophisticated RAT he’s seen. “The novel aspect here,” he said, “is the convergence. Steaelite bundles remote access, credential harvesting, data exfiltration, and ransomware (currently in development) in a single package.” Traditionally, he explained, these capabilities have occupied different parts of the cybercrime toolchain, but Steaelite unifies the functions, giving…
-
ShinyHunters Leak 12.4 Million CarGurus Records in Massive Data Dump
ShinyHunters allegedly leaked 12.4 million CarGurus records, exposing personal and financing data and raising risks of phishing and data extortion attacks. The post ShinyHunters Leak 12.4 Million CarGurus Records in Massive Data Dump appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-shinyhunters-cargurus-data-leak-12-million-records/
-
Phishing Platform Targeting Trucking and Logistics Disrupted
Russian and Armenian Operators Tied to Logistics-Focused ‘Diesel Vortex’ Group. Cybersecurity investigators have identified, unmasked and disrupted a months-long organized criminal effort that developed a phishing-as-a-service designed to target Western users of popular logistics platforms, facilitating multiple types of fraud and displaying operators’ deep industry knowledge. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/phishing-platform-targeting-trucking-logistics-disrupted-a-30846
-
12.4 Million Accounts Exposed in CarGurus Leak
ShinyHunters’ alleged CarGurus leak exposed 12.4 million accounts, heightening phishing and fraud risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/12-4-million-accounts-exposed-in-cargurus-leak/
-
Starkiller Phishing Framework Bypasses Defenses with Reverse Proxies, Takes an SaaS Approach
Starkiller is a new SaaS-style phishing framework that runs real brand websites inside headless Chrome containers, acting as a live reverse proxy to steal credentials, session tokens, and MFA-protected accounts while evading traditional detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/starkiller-phishing-framework-bypasses-defenses-with-reverse-proxies-takes-an-saas-approach/
-
Cybercriminals Exploit Fake Avast Website to Steal Users Credit Card Information
Cybercriminals have launched a convincing phishing operation by building a fake Avast website designed to steal credit card information from unsuspecting visitors. The fraudulent page mimics Avast’s official portal almost perfectly, complete with the genuine Avast logo pulled directly from the company’s content delivery network. It displays regular navigation links like “Home,” “My Account,” and…
-
Boards don’t need cyber metrics, they need risk signals
Tags: access, advisory, ai, attack, automation, awareness, business, ciso, control, cyber, cybersecurity, data, framework, governance, intelligence, metric, phishing, riskThe seduction of counting: Even when metrics are not too technical and align with business impact, another problem emerges: What gets counted can crowd out what matters.Wendy Nather, a longtime CISO who is now an advisor at EPSD, cautions against equating measurement with understanding. “When you are reporting to the board, there are some things…
-
Airline brands become launchpads for phishing, crypto fraud
Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/airline-phishing-campaigns-crypto-fraud/
-
Multifaceted Phishing Scheme Deceives Bitpanda Customers
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bitpanda-mfa-phishing-scheme/
-
Phishing-Kampagne missbraucht Google Tasks für Unternehmenszugänge
Wie das Sicherheitsunternehmen Kaspersky berichtet, missbrauchen Angreifer das Benachrichtigungssystem von Google Tasks, um an Zugangsdaten von Unternehmensaccounts zu gelangen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-google-tasks