Tag: phishing
-
Lazarus Group Is Exploiting CVE-2025-48384 in New Phishing Campaign
The post Lazarus Group Is Exploiting CVE-2025-48384 in New Phishing Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/lazarus-group-is-exploiting-cve-2025-48384-in-new-phishing-campaign/
-
New Buterat Backdoor Malware Found in Enterprise and Government Networks
Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks. First seen on hackread.com Jump to article: hackread.com/buterat-backdoor-malware-enterprise-govt-networks/
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed
Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B weekly downloads after a maintainer fell for a phishing email mimicking npm, targeting 2FA credentials. Threat actors targeted Josh Junon’s (Qix) to…
-
Hackers Compromise 18 NPM Packages in Supply Chain Attack
Attacker Socially Engineered Developer With Phishing Email. A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week. First seen on govinfosecurity.com Jump…
-
New Salty2FA Phishing Kit Bypasses MFA and Clones Login Pages
A new, sophisticated phishing kit, Salty2FA, is using advanced tactics to bypass MFA and mimic trusted brands. Read… First seen on hackread.com Jump to article: hackread.com/salty2fa-phishing-kit-bypasses-mfa-clone-login-pages/
-
Salty2FA Takes Phishing Kits to Enterprise Level
Cybercriminal operations use the same strategy and planning as legitimate organizations as they arm adversarial phishing kits with advanced features. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/salty2fa-phishing-kits-enterprise-level
-
How One Phishing Email Compromised 18 npm Packages and Billions of Installs
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and 2FA codes, attackers injected crypto-stealing malware into widely used libraries. This blog unpacks how it happened, which packages were…
-
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent phishing campaigns, according to new findings from ReliaQuest.”Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all other flagged user agents combined,” the…
-
Phishing Alert: Kimusky Hackers Masquerade as Tax Authority with ‘September Tax Return Due Date’ Email
South Korean internet users are being targeted by a sophisticated phishing campaign attributed to the North Korean threat actor known as Kimsuky. The malicious emails, masquerading as official notices from the National Tax Service (NTS), inform recipients of a “September Tax Return Payment Due Notice” and urge them to click a link to view an…
-
Phishing Alert: Kimusky Hackers Masquerade as Tax Authority with ‘September Tax Return Due Date’ Email
South Korean internet users are being targeted by a sophisticated phishing campaign attributed to the North Korean threat actor known as Kimsuky. The malicious emails, masquerading as official notices from the National Tax Service (NTS), inform recipients of a “September Tax Return Payment Due Notice” and urge them to click a link to view an…
-
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/salty2fa-phishing-kit/
-
Phishing kit Salty2FA washes away confidence in MFA
A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
-
Phishing kit Salty2FA washes away confidence in MFA
A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
-
npm-Hack: Konto gehackt; 18 npm-Pakete mit Millionen Downloads kompromittiert
Der nächste Vorfall in Sachen Lieferkettenangriff ist gerade passiert. Seit dem gestrigen 8. Sept. 2025 gibt es Berichte, dass npm-Pakete kompromittiert seien. Nun kristallisiert sich heraus, dass das Konto eines Entwicklers durch simples Phishing gehackt wurde. Die Hacker konnten 18 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/npm-desaster-konto-gehackt-18-npm-pakete-mit-millionen-downloads-kompromittiert/
-
npm-Hack: Konto gehackt; 18 npm-Pakete mit Millionen Downloads kompromittiert
Der nächste Vorfall in Sachen Lieferkettenangriff ist gerade passiert. Seit dem gestrigen 8. Sept. 2025 gibt es Berichte, dass npm-Pakete kompromittiert seien. Nun kristallisiert sich heraus, dass das Konto eines Entwicklers durch simples Phishing gehackt wurde. Die Hacker konnten 18 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/npm-desaster-konto-gehackt-18-npm-pakete-mit-millionen-downloads-kompromittiert/
-
Phishing Alert: Kimusky Hackers Masquerade as Tax Authority with ‘September Tax Return Due Date’ Email
South Korean internet users are being targeted by a sophisticated phishing campaign attributed to the North Korean threat actor known as Kimsuky. The malicious emails, masquerading as official notices from the National Tax Service (NTS), inform recipients of a “September Tax Return Payment Due Notice” and urge them to click a link to view an…
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
Tags: phishingReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/axios-user-agent-automate-phishing/
-
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
Tags: phishingReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/axios-user-agent-automate-phishing/
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT.The phishing attack incorporates a number of advanced evasion techniques to gain complete control over compromised systems, siphon sensitive data, and extend its functionality by serving secondary plugins, Fortinet FortiGuard Labs said.” First seen on thehackernews.com Jump…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT.The phishing attack incorporates a number of advanced evasion techniques to gain complete control over compromised systems, siphon sensitive data, and extend its functionality by serving secondary plugins, Fortinet FortiGuard Labs said.” First seen on thehackernews.com Jump…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit namedSpamGPThas surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
MostereRAT Exploits AnyDesk and TightVNC for Remote Access on Windows Systems
Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated phishing campaign that deploys the MostereRAT remote access trojan to compromise Windows systems. The malware leverages advanced evasion techniques and installs legitimate remote access tools like AnyDesk and TightVNC to maintain persistent, covert access to infected machines. The attack begins with carefully crafted phishing emails targeting…
-
Supply-Chain-Angriff: NPM-Pakete mit Milliarden von Downloads kompromittiert
Ein erfolgreicher Phishing-Angriff erschüttert das Javascript-Ökosystem. Eine Malware hat ihren Weg in zahlreiche prominente NPM-Pakete gefunden. First seen on golem.de Jump to article: www.golem.de/news/supply-chain-angriff-npm-pakete-mit-milliarden-von-downloads-kompromittiert-2509-199901.html