Tag: phishing

Malicious NPM Packages Used in Sophisticated Developer Cyberattack

Oct 14, 2025 1:23 PM

Tags: cyber, cyberattack, malicious, network, open-source, phishing

In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem”, not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding over 175 throwaway npm packages, attackers have turned a trusted open source delivery network into a large-scale…
Malicious NPM Packages Used in Sophisticated Developer Cyberattack

Oct 14, 2025 1:23 PM

Tags: cyber, cyberattack, malicious, network, open-source, phishing

In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem”, not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding over 175 throwaway npm packages, attackers have turned a trusted open source delivery network into a large-scale…
Hackers Mimic as OpenAI and Sora Services to Steal Login Credentials

Oct 14, 2025 1:23 PM

Tags: ai, credentials, crypto, cyber, hacker, login, openai, phishing, service

Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participating in faux “gift” surveys, and even falling victim to cryptocurrency scams. Security researchers note that these deceptive domains are already ensnaring…
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Oct 14, 2025 9:23 AM

Tags: attack, cybersecurity, injection, malware, phishing, threat

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns.The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains.”TA585 is notable because it First seen…
Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE

Oct 14, 2025 5:24 AM

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, container, control, data, encryption, fido, finance, framework, GDPR, iam, identity, infrastructure, law, LLM, mfa, mobile, password, phishing, resilience, risk, service, software, strategy, technology, tool

Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE andrew.gertz@t“¦ Mon, 10/13/2025 – 14:53 Discover how Thales empowers enterprises with sovereign access through FIDO authentication in SAS PCE”, ensuring secure, phishing-resistant identity control for hybrid environments. Identity & Access Management Access Control Guido Gerrits – Field Channel Director, EMEA More About This Author…
Hackers Target ScreenConnect Features For Network Intrusions

Oct 13, 2025 6:24 PM

Tags: attack, control, exploit, hacker, network, phishing, tactics, tool

A rise in attacks exploiting RMM tools like ScreenConnect enables system control via phishing tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-target-screenconnects/
Meet Varonis Interceptor: AI-Native Email Security

Oct 13, 2025 4:23 PM

Tags: ai, attack, email, phishing, social-engineering

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
Meet Varonis Interceptor: AI-Native Email Security

Oct 13, 2025 4:23 PM

Tags: ai, attack, email, phishing, social-engineering

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
Meet Varonis Interceptor: AI-Native Email Security

Oct 13, 2025 4:23 PM

Tags: ai, attack, email, phishing, social-engineering

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder

Oct 13, 2025 9:23 AM

Tags: ai, banking, credentials, cyber, cybercrime, finance, government, group, law, network, phishing, theft

Spanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercriminals Target Banks and Government Agencies Since 2023, Spain faced a surge in sophisticated phishing campaigns. Criminal groups impersonated major banks and…
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder

Oct 13, 2025 9:23 AM

Tags: ai, banking, credentials, cyber, cybercrime, finance, government, group, law, network, phishing, theft

Spanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercriminals Target Banks and Government Agencies Since 2023, Spain faced a surge in sophisticated phishing campaigns. Criminal groups impersonated major banks and…
Mikrosegmentierung kann die Wirkung von Phishing-Attacken eindämmen

Oct 13, 2025 9:23 AM

Tags: access, fraud, phishing

Bei automatisierter Mikrosegmentierung wird Jede Ressource proaktiv isoliert, sodass Angreifer selbst dann, wenn ein Phishing-Betrug einen ersten Zugriff ermöglicht, keine seitlichen Bewegungen ausführen können. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mikrosegmentierung-kann-die-wirkung-von-phishing-attacken-eindaemmen/a42335/
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups

Oct 13, 2025 5:23 AM

Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, service

My colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups

Oct 13, 2025 5:23 AM

Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, service

My colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained

Oct 11, 2025 9:24 PM

Tags: ai, android, credentials, cybercrime, group, malware, phishing, russia, scam, theft, tool

Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arresting its 25-year-old Brazilian leader “GoogleXcoder.” The gang sold AI-powered phishing kits, Android malware, and voice-scam tools via Telegram and Russian forums, becoming a major supplier of credential theft tools in…
Phishing im Namen von Lufthansa, Emirates und Co.

Oct 11, 2025 12:23 PM

Tags: kaspersky, mail, phishing

Sicherheitsforscher von Kaspersky warnen vor einer aktuellen Betrugsserie, die sich gezielt gegen Unternehmen richtet. Dabei geben sich Angreifer in E-Mails als renommierte Airlines oder Flughäfen aus, darunter Lufthansa, Emirates, Qatar Airways, Etihad oder der Flughafen Amsterdam Schiphol. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-lufthansa-emirates-und-co
Phishing im Namen von Lufthansa, Emirates und Co.

Oct 11, 2025 12:23 PM

Tags: kaspersky, mail, phishing

Sicherheitsforscher von Kaspersky warnen vor einer aktuellen Betrugsserie, die sich gezielt gegen Unternehmen richtet. Dabei geben sich Angreifer in E-Mails als renommierte Airlines oder Flughäfen aus, darunter Lufthansa, Emirates, Qatar Airways, Etihad oder der Flughafen Amsterdam Schiphol. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-lufthansa-emirates-und-co
175 npm Packages Abused in Beamglea Phishing Operation

Oct 10, 2025 11:23 PM

Tags: malicious, phishing

The Beamglea campaign used 175 malicious npm packages to host phishing redirects, targeting global tech and energy firms. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/npm-packages-abused-beamglea/
“Payroll Pirate” phishing scam that takes over Workday accounts steals paychecks

Oct 10, 2025 8:24 PM

Tags: mfa, phishing, scam

Among other things, the scammers bypass multi-factor authentication. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/payroll-pirate-phishing-scam-that-takes-over-workday-accounts-steals-paychecks/
Microsoft warns of ‘payroll pirate’ crew looting US university salaries

Oct 10, 2025 4:23 PM

Tags: microsoft, phishing

Crooks phish campus staff, slip into HR systems, and quietly reroute paychecks First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/microsoft_payroll_pirate/
Microsoft warns of ‘payroll pirate’ crew looting US university salaries

Oct 10, 2025 4:23 PM

Tags: microsoft, phishing

Crooks phish campus staff, slip into HR systems, and quietly reroute paychecks First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/microsoft_payroll_pirate/
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

Oct 10, 2025 4:23 PM

Tags: ai, attack, communications, country, cyber, cyberattack, hacker, incident, malware, phishing, russia, service, threat, ukraine

Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

Oct 10, 2025 4:23 PM

Tags: ai, attack, communications, country, cyber, cyberattack, hacker, incident, malware, phishing, russia, service, threat, ukraine

Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
Report für Q2 2025 – Cisco warnt vor Phishing durch Kollegen

Oct 10, 2025 4:23 PM

Tags: cisco, phishing

First seen on security-insider.de Jump to article: www.security-insider.de/cisco-talos-report-phishing-attacken-kollegen-konten-a-182ef6c18d3f61c59a94721e7fc48604/
175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Oct 10, 2025 2:23 PM

Tags: credentials, cyber, infrastructure, malicious, phishing, threat

Socket’s Threat Research Team has uncovered a sprawling phishing campaign”, dubbed “Beamglea””, leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely as hosting infrastructure, redirecting victims to credential-harvesting pages. Though randomly named packages make accidental developer installation unlikely, the download counts reflect security researchers, automated scanners, and CDN providers…
175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Oct 10, 2025 2:23 PM

Tags: credentials, cyber, infrastructure, malicious, phishing, threat

Socket’s Threat Research Team has uncovered a sprawling phishing campaign”, dubbed “Beamglea””, leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely as hosting infrastructure, redirecting victims to credential-harvesting pages. Though randomly named packages make accidental developer installation unlikely, the download counts reflect security researchers, automated scanners, and CDN providers…
175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Oct 10, 2025 2:23 PM

Tags: credentials, cyber, infrastructure, malicious, phishing, threat

Socket’s Threat Research Team has uncovered a sprawling phishing campaign”, dubbed “Beamglea””, leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely as hosting infrastructure, redirecting victims to credential-harvesting pages. Though randomly named packages make accidental developer installation unlikely, the download counts reflect security researchers, automated scanners, and CDN providers…
175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads

Oct 10, 2025 2:23 PM

Tags: credentials, cyber, infrastructure, malicious, phishing, threat

Socket’s Threat Research Team has uncovered a sprawling phishing campaign”, dubbed “Beamglea””, leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely as hosting infrastructure, redirecting victims to credential-harvesting pages. Though randomly named packages make accidental developer installation unlikely, the download counts reflect security researchers, automated scanners, and CDN providers…