Tag: phishing
-
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and…
-
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and…
-
The Rise of AI-Powered Phishing How to Spot New Attacks
In today’s digital age, cybercriminals are leveraging AI to craft more convincing phishing scams. Recently, I encountered a sophisticated phishing attempt that underscores the growing threat of AI-powered fraud. Here’s what you need to know to protect yourself. The phishing email I received included detailed information about my career, likely scraped from my LinkedIn profile…
-
The Rise of AI-Powered Phishing How to Spot New Attacks
In today’s digital age, cybercriminals are leveraging AI to craft more convincing phishing scams. Recently, I encountered a sophisticated phishing attempt that underscores the growing threat of AI-powered fraud. Here’s what you need to know to protect yourself. The phishing email I received included detailed information about my career, likely scraped from my LinkedIn profile…
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threatMicrosoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threatMicrosoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threatMicrosoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL.”The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely…
-
‘Payroll pirate’ hackers diverting salary payments from university employees, Microsoft says
A phishing campaign is gaining access to universities’ third-party platforms and routing employee paychecks to accounts controlled by hackers, researchers said. First seen on therecord.media Jump to article: therecord.media/universities-phishing-payroll-pirates
-
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them.”Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with…
-
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
Fighting a self-spreading spyware: Experts say combating ClayRat requires both technical hardening and behavioral hygiene.”Security teams should enforce a layered mobile security posture that reduces installation paths, detects compromise, and limits blast radius,” said Jason Soroko, Senior Fellow at Sectigo. He recommends blocking sideloading through Android Enterprise policy, deploying mobile threat defense integrated with endpoint…
-
Homeland Security’s reassignment of CISA staff leaves US networks exposed
Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, updateWake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
-
Homeland Security’s reassignment of CISA staff leaves US networks exposed
Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, updateWake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
-
Homeland Security’s reassignment of CISA staff leaves US networks exposed
Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, updateWake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Communications and Information Protection (SSSCIP) said.”Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed…
-
APT Hackers Abuse ChatGPT to Develop Advanced Malware and Phishing Campaigns
Tags: ai, apt, chatgpt, china, cyber, cyberattack, email, group, hacker, intelligence, malware, phishing, spear-phishing, threatSecurity researchers at Volexity have uncovered compelling evidence that China-aligned threat actors are leveraging artificial intelligence platforms like ChatGPT to enhance their sophisticated cyberattack capabilities. The group, tracked as UTA0388, has been conducting sophisticated spear phishing campaigns since June 2025, using AI assistance to develop malware and craft multilingual phishing emails targeting organizations across North…
-
APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing
The post APT Meets GPT: China-Aligned UTA0388 Used ChatGPT for Automated, Multilingual Spear-Phishing appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt-meets-gpt-china-aligned-uta0388-used-chatgpt-for-automated-multilingual-spear-phishing/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
OpenAI Blocks Global Hackers Misusing ChatGPT for Cyberattacks
OpenAI halts hackers from Russia, North Korea, and China exploiting ChatGPT for malware and phishing attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/chatgpt-cyberattacks/
-
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites.”Site visitors get injected content that was drive-by malware like fake Cloudflare verification,” Sucuri researcher Puja Srivastava said in an analysis published last week.The website security company First seen on…
-
Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs
Wanna work for a hot brand? Cyberattackers continue to evolve lures for job seekers in an impersonation campaign aimed at stealing resumes from social media pros. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/influencers-phishers-tesla-red-bull-jobs
-
Russian hackers turn to AI as old tactics fail, Ukrainian CERT says
Russian hackers are now using AI not only to write phishing messages but also to generate malicious code itself. First seen on therecord.media Jump to article: therecord.media/russian-hackers-turn-to-ai-ukraine-cert