Collecting Cyber-News from over 60 sources

Tag: phishing

kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data

Sep 11, 2025 1:16 PM

Tags: access, attack, cyber, data, endpoint, exploit, github, malicious, network, phishing, rat, software, threat

The threat actor delivers three Remote Access Trojans (RATs)”, ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT”, via phishing sites hosted on GitHub Pages. These sites masquerade as legitimate software installers for popular applications. In each instance, a ZIP archive contains a malicious executable that initiates a multi-stage attack chain designed to evade analysis,…
KI-gestützter Phishing-Angriffe auf Krankenhäuser wird zunehmen

Sep 11, 2025 1:16 PM

Tags: ai, cyberattack, mail, phishing, tool

Unter Zuhilfenahme generativer KI-Tools können Angreifer schnell, unkompliziert, überzeugend und skalierend E-Mails erstellen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gestuetzter-phishing-angriffe-auf-krankenhaeuser-wird-zunehmen/a41979/
Schadcode eingeschleust: Große NPM-Attacke betrifft jede zehnte Cloud-Umgebung

Sep 11, 2025 11:16 AM

Tags: cloud, exploit, mail, malware, phishing

Eine einfache Phishing-Mail hat unzählige Malware-Infektionen zur Folge. Auch Cloud-Systeme sind betroffen. Dennoch geht der Angreifer fast leer aus. First seen on golem.de Jump to article: www.golem.de/news/schadcode-eingeschleust-grosse-npm-attacke-betrifft-jede-zehnte-cloud-umgebung-2509-199990.html
Cybervorfall bei der Kulturstiftung der Länder

Sep 11, 2025 8:16 AM

Tags: mail, phishing

Bei der Kulturstiftung der Länder hat es wohl einen Cybervorfall gegeben. Es wurden E-Mail-Postfächer von Mitarbeitern kompromittiert, und dann wurden “letztes Wochenende” (6./7.9.2025) Phishing-Mails über dieses Postfach verschickt. Dort wurden die Empfänger zur Eingabe von Outlook-Zugangsdaten aufgefordert. Ein Leser hatte … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/11/phishing-cybervorfall-bei-der-kulturstiftung-der-laender/
Menschenzentrierte Cybersicherheit gewinnt an Bedeutung

Sep 11, 2025 7:16 AM

Tags: ai, awareness, ciso, cyersecurity, deep-fake, gartner, mail, monitoring, password, phishing, risk, risk-management, social-engineering, threat, tool, training

Lesen Sie, worauf es beim Human Risk Management ankommt.Die Rolle des CISO in Unternehmen hat sich stark gewandelt, vom Cybersicherheitsexperten mit Technikfokus hin zu einem Manager von Mensch und Maschine. Gerade diese Kompetenzen sind insbesondere essentiell, um größten Cybersicherheitsrisiken zu reduzieren. Immer wieder nutzen Cyberkriminelle Social Engineering und somit menschliches Handeln, um Unternehmen effektiv zu…
How npm Security Collapsed Thanks To a 2FA Exploit

Sep 11, 2025 5:16 AM

Tags: 2fa, attack, authentication, exploit, mfa, phishing

Billions (No, that’s not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the JavaScript runtime environment Node.js’s default package manager, had finally stopped having serious security problems, you thought wrong. This time, a two-factor authentication (2FA) phishing attack left developers frustrated, angry, and in..…
Ransomware insurance losses spike despite fewer claims: Resilience

Sep 10, 2025 6:22 PM

Tags: ai, attack, insurance, phishing, ransomware, resilience, tactics, theft

AI-powered phishing, “double extortion” tactics and insurance policy theft are fueling more destructive, costly ransomware attacks, the;cybersecurity firm said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-insurance-losses-spike-claims-resilience-ai-phishing/759626/
Neues Phishing-Framework umgeht Multi-Faktor-Authentifizierung

Sep 10, 2025 6:22 PM

Tags: authentication, ceo, ciso, cloud, corporate, cyberattack, framework, hacker, Hardware, infrastructure, mail, mfa, microsoft, passkey, password, phishing, service, strategy, zero-trust

Phishing 2.0 nutzt Subdomain-Rotation und Geoblocking.Eine kürzlich aufgedeckte Phishing-Kampagne steht in Verbindung mit Salty2FA, einem Phishing-as-a-Service-(PhaaS-)Framework. Es soll entwickelt worden sein, um Multi-Faktor-Authentifizierung (MFA) zu umgehen.Wie die Cybersicherheitsfirma Ontinue herausgefunden hat,fängt sie Verifizierungsmethoden ab,rotiert Subdomains undtarnt sich innerhalb vertrauenswürdiger Plattformen wie Cloudflare Turnstile.In unserer US-Schwesterpublikation CSO erklärten die Experten, dass die Kampagne ‘bemerkenswerte technische Innovationen”…
6 hot cybersecurity trends

Sep 10, 2025 5:16 PM

Tags: access, ai, attack, automation, awareness, breach, ceo, chatgpt, cisco, ciso, cloud, compliance, credentials, crowdstrike, cyber, cybersecurity, data, data-breach, deep-fake, edr, email, endpoint, finance, firewall, google, group, hacker, ibm, identity, incident response, infrastructure, intelligence, jobs, law, LLM, malicious, mfa, monitoring, network, open-source, password, phishing, phone, radius, RedTeam, risk, risk-assessment, sans, skills, sophos, strategy, supply-chain, theft, threat, tool, training, unauthorized, update, vulnerability, zero-trust

2. Protecting AI from attacks: AI can help CISOs protect their IT infrastructure, but who’s protecting the AI?”While 2024 saw a surge in proof-of-concept (POC) projects for gen AI, many organizations are moving these projects into production without conducting comprehensive risk assessments,” IDC concludes in its 2025 Security and Trust FutureScape.”Companies may face significant vulnerabilities…
6 hot cybersecurity trends

Sep 10, 2025 5:16 PM

Tags: access, ai, attack, automation, awareness, breach, ceo, chatgpt, cisco, ciso, cloud, compliance, credentials, crowdstrike, cyber, cybersecurity, data, data-breach, deep-fake, edr, email, endpoint, finance, firewall, google, group, hacker, ibm, identity, incident response, infrastructure, intelligence, jobs, law, LLM, malicious, mfa, monitoring, network, open-source, password, phishing, phone, radius, RedTeam, risk, risk-assessment, sans, skills, sophos, strategy, supply-chain, theft, threat, tool, training, unauthorized, update, vulnerability, zero-trust

2. Protecting AI from attacks: AI can help CISOs protect their IT infrastructure, but who’s protecting the AI?”While 2024 saw a surge in proof-of-concept (POC) projects for gen AI, many organizations are moving these projects into production without conducting comprehensive risk assessments,” IDC concludes in its 2025 Security and Trust FutureScape.”Companies may face significant vulnerabilities…
Lazarus Group Is Exploiting CVE-2025-48384 in New Phishing Campaign

Sep 10, 2025 5:16 PM

Tags: cve, exploit, group, lazarus, phishing

The post Lazarus Group Is Exploiting CVE-2025-48384 in New Phishing Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/lazarus-group-is-exploiting-cve-2025-48384-in-new-phishing-campaign/
KI-Vishing Wenn eine bekannte Stimme zum Sicherheitsrisiko wird

Sep 10, 2025 5:16 PM

Tags: ai, phishing, social-engineering

Künstliche Intelligenz verändert die Bedrohungslage im Bereich Social-Engineering grundlegend insbesondere durch sogenanntes Voice-Phishing, kurz Vishing. Bei dieser Methode inszenieren Cyberkriminelle mit KI-generierten Stimmen täuschend echte Anrufe, um Mitarbeiter zu Zahlungen oder zur Herausgabe sensibler Informationen zu bewegen. Wenn KI die Stimme von Vorgesetzten imitiert Die Methode ist ebenso raffiniert wie gefährlich: Angreifer nutzen […] First…
New Buterat Backdoor Malware Found in Enterprise and Government Networks

Sep 10, 2025 5:16 PM

Tags: access, backdoor, government, malware, network, phishing

Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks. First seen on hackread.com Jump to article: hackread.com/buterat-backdoor-malware-enterprise-govt-networks/
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign

Sep 10, 2025 5:16 PM

Tags: breach, crypto, cyber, finance, government, group, hacker, lazarus, phishing, tactics, vulnerability

KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign

Sep 10, 2025 5:16 PM

Tags: breach, crypto, cyber, finance, government, group, hacker, lazarus, phishing, tactics, vulnerability

KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign

Sep 10, 2025 5:16 PM

Tags: breach, crypto, cyber, finance, government, group, hacker, lazarus, phishing, tactics, vulnerability

KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises

Sep 10, 2025 5:16 PM

Tags: authentication, corporate, mfa, phishing, service

Phishing-as-a-Service (PhaaS) platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA, a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditional defenses. Already spotted in campaigns across the US and EU, Salty2FA puts enterprises at First…
Phishing schlägt 2FA: Massiver Angriff auf npm-Pakete legt die Schwachstelle Mensch offen

Sep 10, 2025 5:16 PM

Tags: 2fa, cyberattack, phishing, vulnerability

First seen on t3n.de Jump to article: t3n.de/news/npm-supply-chain-angriff-phishing-malware-1706449/
Phishing schlägt 2FA: Massiver Angriff auf npm-Pakete legt die Schwachstelle Mensch offen

Sep 10, 2025 5:16 PM

Tags: 2fa, cyberattack, phishing, vulnerability

First seen on t3n.de Jump to article: t3n.de/news/npm-supply-chain-angriff-phishing-malware-1706449/
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Sep 9, 2025 9:13 PM

Tags: 2fa, attack, data-breach, email, phishing, supply-chain, threat

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B weekly downloads after a maintainer fell for a phishing email mimicking npm, targeting 2FA credentials. Threat actors targeted Josh Junon’s (Qix) to…
Hackers Compromise 18 NPM Packages in Supply Chain Attack

Sep 9, 2025 9:13 PM

Tags: attack, credentials, crypto, hacker, malware, phishing, software, supply-chain

Attacker Socially Engineered Developer With Phishing Email. A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week. First seen on govinfosecurity.com Jump…
Salty2FA Takes Phishing Kits to Enterprise Level

Sep 9, 2025 6:08 PM

Tags: cybercrime, phishing, strategy

Cybercriminal operations use the same strategy and planning as legitimate organizations as they arm adversarial phishing kits with advanced features. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/salty2fa-phishing-kits-enterprise-level
New Salty2FA Phishing Kit Bypasses MFA and Clones Login Pages

Sep 9, 2025 6:08 PM

Tags: login, mfa, phishing, tactics

A new, sophisticated phishing kit, Salty2FA, is using advanced tactics to bypass MFA and mimic trusted brands. Read… First seen on hackread.com Jump to article: hackread.com/salty2fa-phishing-kit-bypasses-mfa-clone-login-pages/
How One Phishing Email Compromised 18 npm Packages and Billions of Installs

Sep 9, 2025 5:08 PM

Tags: 2fa, attack, credentials, crypto, email, malware, phishing, supply-chain

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and 2FA codes, attackers injected crypto-stealing malware into widely used libraries. This blog unpacks how it happened, which packages were…
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

Sep 9, 2025 5:08 PM

Tags: 2fa, attack, cybersecurity, microsoft, phishing, threat, tool

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent phishing campaigns, according to new findings from ReliaQuest.”Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all other flagged user agents combined,” the…
Phishing kit Salty2FA washes away confidence in MFA

Sep 9, 2025 4:08 PM

Tags: access, authentication, awareness, breach, ceo, control, credentials, defense, detection, framework, mfa, passkey, password, phishing, threat, training, zero-trust

A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
Phishing kit Salty2FA washes away confidence in MFA

Sep 9, 2025 4:08 PM

Tags: access, authentication, awareness, breach, ceo, control, credentials, defense, detection, framework, mfa, passkey, password, phishing, threat, training, zero-trust

A call for layered and adaptive defenses: Countering Salty2FA might need something more than passwords and legacy controls, industry experts agreed. Darren Guccione, CEO of Keeper Security, argued that passkeys and passwordless authentication should be part of the strategy. “These technologies complement existing security measures by reducing reliance on traditional passwords, which remain a prime…
npm-Hack: Konto gehackt; 18 npm-Pakete mit Millionen Downloads kompromittiert

Sep 9, 2025 4:08 PM

Tags: hacker, phishing

Der nächste Vorfall in Sachen Lieferkettenangriff ist gerade passiert. Seit dem gestrigen 8. Sept. 2025 gibt es Berichte, dass npm-Pakete kompromittiert seien. Nun kristallisiert sich heraus, dass das Konto eines Entwicklers durch simples Phishing gehackt wurde. Die Hacker konnten 18 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/npm-desaster-konto-gehackt-18-npm-pakete-mit-millionen-downloads-kompromittiert/
npm-Hack: Konto gehackt; 18 npm-Pakete mit Millionen Downloads kompromittiert

Sep 9, 2025 4:08 PM

Tags: hacker, phishing

Der nächste Vorfall in Sachen Lieferkettenangriff ist gerade passiert. Seit dem gestrigen 8. Sept. 2025 gibt es Berichte, dass npm-Pakete kompromittiert seien. Nun kristallisiert sich heraus, dass das Konto eines Entwicklers durch simples Phishing gehackt wurde. Die Hacker konnten 18 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/09/npm-desaster-konto-gehackt-18-npm-pakete-mit-millionen-downloads-kompromittiert/
Phishing Alert: Kimusky Hackers Masquerade as Tax Authority with ‘September Tax Return Due Date’ Email

Sep 9, 2025 4:08 PM

Tags: cyber, email, hacker, Internet, malicious, north-korea, phishing, service, threat

South Korean internet users are being targeted by a sophisticated phishing campaign attributed to the North Korean threat actor known as Kimsuky. The malicious emails, masquerading as official notices from the National Tax Service (NTS), inform recipients of a “September Tax Return Payment Due Notice” and urge them to click a link to view an…