Tag: phishing
-
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iran’s Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranian-hackers-us-aviation/
-
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iran’s Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranian-hackers-us-aviation/
-
Phishing Campaigns Exploit RCS and iMessage to Evade SMS Security Filters
Phishing campaigns are entering a new phase as attackers abandon traditional SMS delivery and static credential theft in favor of encrypted messaging channels and real-time account takeover techniques. Unlike conventional SMS phishing, RCS and iMessage operate over data networks with end-to-end encryption, limiting carriers’ ability to inspect or block malicious content. Threat actors are exploiting…
-
Malicious PDF LNK Files Deploy Cobalt Strike in Operation Dragon Whistle
A newly uncovered cyber campaign dubbed “Operation Dragon Whistle” is targeting China’s education sector with highly tailored spear-phishing attacks that deploy Cobalt Strike beacons via deceptive PDF/LNK files. The attackers crafted emails that impersonate official university communications, urging students and faculty to review an important testing notice. The message includes a ZIP attachment named in…
-
Product showcase: F-Secure Internet Security blocks phishing sites, fake stores, and SMS scams
F-Secure Internet Security protects against viruses, ransomware, spyware, infected email attachments, and other cyber threats. It focuses on securing devices and online … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/26/product-showcase-f-secure-internet-security-android/
-
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-kali365-phishing-service-targeting-microsoft-365-accounts/
-
FBI Warns ‘Kali365’ Phishing Kit Hijacks Microsoft 365 OAuth Tokens
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-kali365-phishing-kit-m365/
-
Hackers Use CypherLoc Kit to Push Fake Microsoft Support Scams
CypherLoc is a sophisticated browser-lock scareware designed to drive victims to fraudulent tech support calls. It evades scanners and sandboxes by executing in an encrypted, condition-based manner inside the browser. Security teams should have robust anti-phishing, browser, and endpoint protections and prioritize user education. Since the start of 2026, Barracuda researchers have observed around 2.8 million…
-
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure is Prometheus, a legitimate Ukrainian online learning platform that many government employees actually use. Using…
-
AI-Powered Phishing Puts MSSPs on the Defensive: Barracuda
First seen on scworld.com Jump to article: www.scworld.com/news/ai-makes-phishing-easier-for-bad-actors-more-difficult-for-mssps-barracuda
-
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications. First seen on cyberscoop.com Jump to article: cyberscoop.com/fbi-phishing-kali365-microsoft365-access-tokens/
-
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The law enforcement agency published an advisory on Thursday about Kali365, a Telegram-based service for cybercriminals that allows them to capture legitimate “OAuth” tokens enabling widespread access to Microsoft 365 environments. First seen on therecord.media Jump to article: therecord.media/fbi-warns-of-kali365-phishing-attacks
-
FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords. First seen on hackread.com Jump to article: hackread.com/fbi-kali365-phishing-service-microsoft-365-account/
-
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country.The activity, per the Computer Emergency Response Team of Ukraine (CERT-UA), involves sending phishing emails to government First seen on…
-
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-cyberattacks-espionage-us-israel-uae/820990/
-
World Cup Phishing Surge: 203 Malicious IPs Detected
The scale of phishing activity targeting the 2026 FIFA World Cup has expanded dramatically, with new research revealing a far broader and more complex threat landscape than initially reported. What began as a cluster of 79 malicious domains has now evolved into a distributed phishing ecosystem spanning 222 domains mapped to 203 unique IP addresses…
-
Microsoft 365 users targeted by new phishing threat that bypasses MFA
Microsoft 365 access tokens are being targeted by an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, the FBI is warning. First observed in April 2026, Kali365 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/22/kali365-microsoft-365-phishing-fbi-warning/
-
Dynamit-Phishing: Neue OAuth-Angriffe kapern Unternehmenszugänge in Sekunden
Mit der zunehmenden Verbreitung von Phishing-as-a-Service und zentralisierten Cloud-Identitäten dürfte die Bedrohung weiter wachsen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/dynamit-phishing-neue-oauth-angriffe-kapern-unternehmenszugaenge-in-sekunden/a45269/
-
One Telecom Provider Hosted Most of the Middle East ‘s Active C2 Infrastructure
Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity. For years, threat intelligence focused mostly on malware families, phishing domains, and individual indicators. But a new report from Hunt.io shows why defenders may need to pay closer attention to something more boring, hosting…
-
FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables attackers to bypass multi-factor authentication (MFA) by exploiting OAuth-based authentication flows. Kali365 PhaaS Platform Targets Microsoft…
-
Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files
A recent phishing campaign dubbed “Operation Dragon Whistle” highlights an evolving trend in cyberattacks: threat actors abusing legitimate developer tools and cloud services to maintain stealth and persistence. Although initially linked to targeting academic environments such as Changzhou University, new analysis reveals overlapping tactics used in a broader campaign aimed at government-linked organizations, including Pakistan’s…
-
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
Modern crypto drainers don’t hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/inside-a-crypto-drainer-how-to-spot-it-before-it-empties-your-wallet/
-
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S. organizations, combining credential theft, OTP interception, and remote access tool abuse into a single attack chain. The campaign stands out due to its repeatable phishing framework, which allows threat actors to rapidly generate event-themed lure pages at scale. These pages often begin with…
-
Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/product-showcase-bitdefender-mobile-security-for-ios/
-
Browser Threats Are Expanding the SMB Attack Surface
Palo Alto Networks warns that browser-based attacks, AI phishing, and malicious extensions are creating growing cybersecurity risks for SMBs. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/browser-threats-are-expanding-the-smb-attack-surface/
-
Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings. First seen on hackread.com Jump to article: hackread.com/fake-word-phishing-enterprise-blind-spot-trusted-remote-access-tools/
-
Signal-Affäre: Klassische IT-SupportAttacken auf Bundestagsabgeordnete
Tags: phishingFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/signal-affaere-it-support-phishing-attacke-bundestagsabgeordnete
-
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Ocean, an agentic email security platform, raised funding from Lightspeed Venture Partners. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/from-teen-hacker-to-iron-dome-researcher-this-founder-raised-28m-to-fight-ai-phishing/