Tag: phishing
-
Despite safety filters: AI chatbots are alarmingly good accomplices for phishing fraud
First seen on t3n.de Jump to article: t3n.de/news/studie-ki-chatbots-helfer-fuer-phishing-betrug-1707713/
-
RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains
Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (PhaaS) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern District…
-
RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains
Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (PhaaS) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern District…
-
Microsoft seizes hundreds of phishing sites tied to massive credential theft operation
The company acted on a court order and collaborated with Cloudflare to seize RaccoonO365’s infrastructure, which was used to steal credentials from organizations in 94 countries. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-phishing-sites-raccoono365/
-
Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains
Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/microsoft_cloudflare_shut_down_raccoono365/
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threat
More than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise. Researchers at Israel-based Ox Security said there was a…
-
Ongoing FileFix Attack Installs StealC Infostealer Via Fake Facebook Pages
Researchers spot FileFix phishing sites that deliver StealC Infostealer through fake Facebook warnings and hidden payloads in images. First seen on hackread.com Jump to article: hackread.com/filefix-attack-stealc-infostealer-fake-facebook-pages/
-
Innovative FileFix Phishing Attack Proves Plenty Potent
Highly deceptive FileFix uses code obfuscation and steganography and has been translated into at least 16 languages to power a global campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/innovative-filefix-attack-potent
-
DigiCert Acquires Valimail to Add Email Authentication Service
DigiCert acquires Valimail to strengthen email authentication with DMARC and content protection, to fight phishing and AI-driven threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/digicert-acquires-valimail-to-add-email-authentication-service/
-
North Korean Hackers Weaponize ChatGPT in AI-Driven Phishing Attack
North Korea’s Kimsuky hackers used ChatGPT to forge government IDs in a phishing attack, marking a new era of AI-powered cyber warfare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-weaponize-chatgpt-in-ai-driven-phishing-attack/
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
Tax Refund-Themed Phishing Slows in 2025
Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-tax-refund-phishing-slows/
-
Largest supply chain attack in npm's history
The security researchers at Check Point Software Technologies analyze the major npm theft: On September 8, 2025, the JavaScript ecosystem experienced the largest supply chain attack in npm's history. A targeted phishing campaign compromised the account of a well-known maintainer. The attackers then injected malware with crypto-stealer functionality into more than 18 core npm packages. These…
-
Popular NPM Package ‘ctrl/tinycolor’ with 2M Weekly Downloads and 40+ Others Compromised in Supply Chain Attack
The NPM ecosystem is under attack once again, with a sophisticated supply chain compromise targeting the widely-used @ctrl/tinycolor package and over 40 other JavaScript packages. This latest incident represents a significant escalation in supply chain threats, featuring self-propagating malware that automatically spreads across the ecosystem. Diagram showing how phishing emails with malicious URLs or HTML…
-
Kimsuky Group Weaponizes AI Deepfakes in New Spear-Phishing Campaign
The post Kimsuky Group Weaponizes AI Deepfakes in New Spear-Phishing Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/kimsuky-group-weaponizes-ai-deepfakes-in-new-spear-phishing-campaign/
-
North Korea’s Kimsuky Group Uses AI-Generated Military IDs in New Attack
North Korea’s Kimsuky hackers use AI-generated fake military IDs in a new phishing campaign, GSC warns, marking a… First seen on hackread.com Jump to article: hackread.com/north-korea-kimsuky-group-ai-generated-military-ids/
-
Phishing campaign targets Rust developers
Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/15/phishing-campaign-targets-rust-developers/
-
Phishing Campaigns Exploit RMM Tools to Sustain Remote Access
A sophisticated phishing operation in which attackers deploy remote monitoring and management (RMM) tools, namely ITarian (formerly Comodo), PDQ Connect, SimpleHelp, and Atera, to gain persistent remote access to compromised systems. By disguising malicious installers as legitimate browser updates, meeting or party invitations, and government forms, adversaries exploit users’ trust in commonly used IT administration software.…
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windows
Bigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites
New research from Red Canary and Zscaler shows phishing lures now drop RMM tools like ITarian and Atera,… First seen on hackread.com Jump to article: hackread.com/hackers-rmm-installs-fake-chrome-updates-teams-invite/
-
AI-Forged Military IDs Used in North Korean Phishing Attack
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-military-ids-north-korea/
-
Hackers using generative AI “ChatGPT” to evade anti-virus defenses
The Kimsuky APT group has begun leveraging generative AI ChatGPT to craft deepfake South Korean military agency ID cards. Phishing lures deliver batch files and AutoIt scripts designed to evade anti-virus scanning through sophisticated obfuscation. Organizations must deploy endpoint detection and response (EDR) solutions to unmask hidden scripts and secure endpoints. On July 17, 2025,…
-
Phishing Campaigns Drop RMM Tools for Remote Access
Threat actors are using multiple lures to trick users into installing RMM tools First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phishing-campaigns-rmm-tools/
-
DarkCloud Stealer Targets Financial Firms via Weaponized RAR Files
August 2025 saw a dramatic surge in targeted attacks by the DarkCloud Stealer against financial institutions worldwide. CyberProof’s MDR analysts and threat hunters identified a wave of phishing emails bearing malicious RAR archives designed to prey on Windows users. Once executed, these archives unleashed a multi-stage payload engineered to siphon login credentials from email clients,…
-
Phishing trends and threat analysis – How commercialization and AI are turning phishing into a global threat
First seen on security-insider.de Jump to article: www.security-insider.de/phishing-industrialisierung-ki-trends-2025-a-9dbf0f8f63c7a9b96f7468c486f898b1/

