Tag: phishing
-
Phishing reclaims the top initial access spot, attackers experiment with AI tools
Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/22/cisco-phishing-initial-access-2026/
-
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology…
-
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology…
-
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology…
-
Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency
A British national tied to the Scattered Spider cybercrime group pleaded guilty to hacking multiple companies via SMS phishing and stealing over $8 million in virtual currency … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/21/british-national-scattered-spider-guilty-sms-phishing/
-
[Podcast] It’s not you, it’s your printer: State-sponsored and phishing threats in 2025
In this episode of Talos Takes, Amy and Martin Lee unpack state-sponsored and phishing trends from the 2025 Talos Year in Review. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/podcast-its-not-you-its-your-printer-state-sponsored-and-phishing-threats-in-2025/
-
[Podcast] It’s not you, it’s your printer: State-sponsored and phishing threats in 2025
In this episode of Talos Takes, Amy and Martin Lee unpack state-sponsored and phishing trends from the 2025 Talos Year in Review. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/podcast-its-not-you-its-your-printer-state-sponsored-and-phishing-threats-in-2025/
-
Phishing and MFA exploitation: Targeting the keys to the kingdom
In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof, in everyday business operations. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/phishing-and-mfa-exploitation-targeting-the-keys-to-the-kingdom/
-
Banken vermischt: Kuriose Phishing-Panne stiftet Verwirrung
Phisher haben es mal wieder auf Bankkunden abgesehen. Blöd nur, wenn sich von der Phishing-Mail niemand angesprochen fühlt. First seen on golem.de Jump to article: www.golem.de/news/banken-vermischt-kuriose-phishing-panne-stiftet-verwirrung-2604-207817.html
-
BSI warnt: Phishing-Attacken über Signal nehmen zu
Angreifer kapern regelmäßig Signal-Konten mittels Phishing. Beim BSI gibt es nun einen Leitfaden mit Handlungsempfehlungen für Betroffene. First seen on golem.de Jump to article: www.golem.de/news/bsi-warnt-phishing-attacken-ueber-signal-nehmen-zu-2604-207797.html
-
GitHub Issue Alerts Exploited in OAuth Phishing Scam Targeting Developers
Hackers are abusing GitHub’s own issue-notification emails to phish developers and silently take over their repositories using malicious OAuth applications, effectively turning trusted DevOps tooling into a supply-chain attack vector. Developers are now prime targets because compromising their accounts gives attackers direct access to source code CI/CD pipelines, and production workflows, making this a textbook supply-chain attack…
-
AI platform ATHR makes voice phishing a one-person job
For $4,000 and a cut of the take, a lone criminal can now run a fully automated voice-phishing operation via ATHR, a plaform that spoofs emails alerts from Google, Microsoft, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/20/athr-voice-phishing-ai-platform/
-
Neue Phishing-Welle nutzt Apple-Server für betrügerische Käufe
Eine neue Kampagne macht sich die automatisierten Sicherheitsmitteilungen von Apple zunutze, um gefälschte Benachrichtigungen über iPhone-Käufe zu versenden. Da die Nachrichten direkt über die offizielle Infrastruktur von Apple generiert werden, umgehen sie mühelos moderne Spam-Filter und täuschen selbst erfahrene Nutzer. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-welle-apple-server
-
Apple account change alerts abused to send phishing emails
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple’s servers, increasing legitimacy and potentially allowing them to bypass spam filters. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-account-change-alerts-abused-to-send-phishing-emails/
-
Apple account change alerts abused to send phishing emails
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple’s servers, increasing legitimacy and potentially allowing them to bypass spam filters. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-account-change-alerts-abused-to-send-phishing-emails/
-
Apple account change alerts abused to send phishing emails
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple’s servers, increasing legitimacy and potentially allowing them to bypass spam filters. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-account-change-alerts-abused-to-send-phishing-emails/
-
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
In embracing device code phishing, attackers trick victims into handing over account access by using a service’s legitimate new-device login flow. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/tycoon-2fa-hackers-device-code-phishing
-
New Phishing Attack Turns n8n Into On-Demand Malware Machine
Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation to bypass security defenses. The post New Phishing Attack Turns n8n Into On-Demand Malware Machine appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-hackers-abuse-n8n-workflows-malware-delivery/
-
Webinar: From phishing to fallout, Why MSPs must rethink both security and recovery
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today’s cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-from-phishing-to-fallout-why-msps-must-rethink-both-security-and-recovery/
-
Industrial Systems Hit by New Email-Worm Threat Wave
Email-borne worms are driving a fresh wave of incidents against industrial control systems (ICS), even as overall malware activity on these networks appears to be slowly declining. New data from Q4 2025 shows that phishing-driven distribution of the XWorm backdoor has sharply shifted the risk landscape for operational technology (OT) environments worldwide. The share of…
-
Industrial Systems Hit by New Email-Worm Threat Wave
Email-borne worms are driving a fresh wave of incidents against industrial control systems (ICS), even as overall malware activity on these networks appears to be slowly declining. New data from Q4 2025 shows that phishing-driven distribution of the XWorm backdoor has sharply shifted the risk landscape for operational technology (OT) environments worldwide. The share of…
-
Industrial Systems Hit by New Email-Worm Threat Wave
Email-borne worms are driving a fresh wave of incidents against industrial control systems (ICS), even as overall malware activity on these networks appears to be slowly declining. New data from Q4 2025 shows that phishing-driven distribution of the XWorm backdoor has sharply shifted the risk landscape for operational technology (OT) environments worldwide. The share of…
-
Hackers Deploy ATHR for Scalable AI-Driven Vishing and Credential Theft
Tags: ai, attack, automation, credentials, cyber, cybercrime, email, hacker, malicious, phishing, theftHackers are increasingly turning to telephone-oriented attack delivery (TOAD) to bypass traditional email security, and a new cybercrime platform called ATHR is accelerating this trend with AI-driven automation and integrated phishing capabilities. TOAD attacks rely on a simple but effective tactic: instead of embedding malicious links or attachments, attackers send benign-looking emails containing only a…
-
Wenn Maschinen täuschen: Wie KI die Phishing-Welle antreibt und was jetzt schützt
Trotzdem bleibt ein entscheidender Faktor bestehen: der Mensch. Denn so ausgefeilt die Technik auch ist letztlich zielen Phishing-Angriffe immer auf Mitarbeitende First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wenn-maschinen-taeuschen-wie-ki-die-phishing-welle-antreibt-und-was-jetzt-schuetzt/a44680/
-
MFA-Aushebelung auf dem Vormarsch – SSOKampagne trifft 18 US-Universitäten
First seen on security-insider.de Jump to article: www.security-insider.de/mfa-ausgehebelt-sso-phishing-evilginx-universitaeten-a-cf26805edc2ffb9187cf421cd1e447c9/
-
UAC-0247 Hits Hospitals, Governments With Browser and WhatsApp Data Theft
A surge of targeted cyberattacks was detected against local governments and municipal healthcare institutions particularly clinical and ambulance hospitals. The campaign has been attributed to threat cluster UAC-0247, known for advanced data theft, persistence, and lateral movement methods. The attack chain begins with well-crafted phishing emails that appear to discuss humanitarian aid proposals. These emails typically…
-
Fake ProtonVPN, game mod sites spread NWHStealer in new Windows malware campaign
Multiple ongoing malware campaigns are distributing a powerful information-stealing trojan, tracked as NWHStealer, through fake VPN installers, gaming mods, and system tools. Unlike typical phishing campaigns, these attacks exploit users’ trust in popular software. Threat actors are disguising malicious payloads as legitimate installers for tools such as Proton VPN, OhmGraphite, Sidebar Diagnostics, Pachtop, and HardwareVisualizer. The files are hosted…
-
Hackers Exploit n8n Webhooks to Spread Malware
A new abuse campaign targeting AI-driven workflow automation platforms particularly n8n that turns legitimate automation tools into powerful malware delivery systems. Between October 2025 and March 2026, security analysts observed a sharp surge in phishing emails that weaponized n8n-generated webhooks to deliver malicious payloads and collect device fingerprints under the guise of trusted infrastructure. AI workflow platforms like n8n and Zapier are…