Tag: social-engineering
-
Matryoshka Clickfix Variant Targets macOS Users, Deploys New Stealer Malware
A new variant of the “ClickFix” social engineering campaign is specifically targeting macOS users. Codenamed Matryoshka, a reference to its multiple nested obfuscation layers, this evolution builds on prior ClickFix lures. However, it adds advanced evasion features, including in-memory decompression and API-gated communication, that make detection and analysis significantly harder. Once triggered, the chain loads a stealthy AppleScript payload aimed at stealing…
-
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-clickfix-attack-abuses-nslookup-to-retrieve-powershell-payload-via-dns/
-
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the “nslookup” (short for nameserver lookup) command to execute a custom DNS…
-
Fintech firm Figure disclosed data breach after employee phishing attack
Tags: access, attack, blockchain, breach, data, data-breach, fintech, hacker, phishing, social-engineering
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data breach after an employee fell victim to a social engineering attack. According to a company spokesperson, the incident allowed hackers to access and steal a…
-
Viral AI Caricatures Highlight Shadow AI Dangers
A viral AI caricature trend may be exposing sensitive enterprise data, fueling shadow AI risks, social engineering attacks, and LLM account compromise. The post Viral AI Caricatures Highlight Shadow AI Dangers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ai-caricature-trend-shadow-ai-security-risks/
-
State Hackers Turn Google AI Into Attack Acceleration Tool
Tags: ai, attack, china, cyberattack, exploit, google, hacker, intelligence, iran, korea, malware, north-korea, social-engineering, tool
China, Iran, North Korea Hackers Exploit Gemini Across Attack Life Cycle. State-backed hackers weaponized Google’s artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/state-hackers-turn-google-ai-into-attack-acceleration-tool-a-30751
-
Ransomware attacks increase against IT and food sectors
Social engineering and zero-day vulnerability weaponization are getting faster and easier, two information sharing and analysis centers said in new reports. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-attacks-it-food-sectors/812210/
-
Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet
An ongoing wave of phishing campaigns is exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “software updates,” which are, in reality, digitally signed remote monitoring and management (RMM) tools that grant attackers full remote access to…
-
Google fears massive attempt to clone Gemini AI through model extraction
Tags: access, ai, api, attack, china, ciso, cybercrime, cybersecurity, defense, exploit, google, government, group, hacker, intelligence, iran, jobs, korea, LLM, malicious, malware, north-korea, phishing, russia, service, social-engineering, threat, vulnerability
Nation-state groups used Gemini to accelerate attack operations: Google sees itself not just as a potential victim of AI cybercrime, but also an unwilling enabler. Its report documented how government-backed threat actors from China, Iran, North Korea, and Russia integrated Gemini into their operations in late 2025. The company said it disabled accounts and assets…
-
The $17 Billion Wake-Up Call: Securing Crypto in the Age of AI Scams
AI-driven crypto scams surge as cybercrime hits $17B, with deepfakes, fraud kits, and industrial social engineering reshaping digital asset threats and defenses. First seen on hackread.com Jump to article: hackread.com/17-billion-wake-up-call-securing-crypto-ai-scams/
-
AI-Driven Phishing and QR Code Quishing Surge in 2025 Spam and Phishing Report
The 2025 spam and phishing landscape shows a sharp rise in AI-generated lures and QR code-based “quishing,” alongside complex malware campaigns abusing cracked games and software to deliver information stealers at scale. These trends highlight how social engineering and multi-stage loaders now work together to bypass traditional security controls and monetize stolen data. Threat actors…
-
LummaStealer activity spikes post-law enforcement disruption
Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the MaaS infostealer recovered after 2025 takedowns. Active since 2022, it relies on affiliates, social engineering, fake cracked software, and fake CAPTCHA “ClickFix” lures. CastleLoader plays a key role in spreading it.…
-
Lessons from the Substack hack
In early February, news spread that the newsletter platform Substack had to report a data loss. Although apparently no financial data or login passwords were compromised, the leak of e-mail addresses and phone numbers should not be underestimated. This data could be misused for targeted social engineering attacks, spam campaigns, phishing e-mails and, increasingly, smishing attacks via SMS. Social engineering tactics have…
-
Developers become the attack vector
Tags: access, ai, api, application-security, best-practice, ceo, ciso, cloud, cyberattack, cybercrime, cybersecurity, data, exploit, hacker, infrastructure, intelligence, jobs, least-privilege, LLM, malware, open-source, phishing, risk, saas, social-engineering, software, spear-phishing, supply-chain, threat, tool, training, vulnerability
Software developers are in demand, including among criminal hackers. Instead of “just” exploiting flaws in applications, criminal hackers are increasingly discovering for themselves the tools and access channels that software developers regularly rely on. In doing so, they have long been combining different cybercrime tactics and also drawing on artificial intelligence (AI) to reach their goal. “Attackers are no longer just trying, in…
-
Posting AI-generated caricatures on social media is risky, infosec killjoys warn
The more you share online, the more you open yourself to social engineering First seen on theregister.com Jump to article: www.theregister.com/2026/02/11/ai_caricatures_social_media_bad_security/
-
LummaStealer infections surge after CastleLoader malware campaigns
A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lummastealer-infections-surge-after-castleloader-malware-campaigns/
-
UNC1069 Targets Financial Firms With New Tools and AI-Driven Social Engineering Attacks
North Korean threat actor UNC1069 has escalated attacks against the cryptocurrency and decentralized finance (DeFi) sector using sophisticated AI-powered social engineering tactics and seven distinct malware families, according to a recent Mandiant investigation. The financially motivated group, active since 2018, deployed an unprecedented arsenal of tools, including newly discovered malware dubbed SILENCELIFT, DEEPBREATH, and CHROMEPUSH,…
-
AI-driven scams are eroding trust in calls, messages, and meetings
In this Help Net Security video, Miguel Fornés, Governance and Compliance Manager at Surfshark, discusses how AI is changing social engineering attacks. He describes how tasks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/10/ai-driven-social-engineering-video/
-
Hundreds of women affected: Man hijacks Snapchat accounts and steals nude pictures
Tags: social-engineering
The accused gained access to young women's Snapchat accounts through social engineering. He retrieved intimate images and sold them online. First seen on golem.de Jump to article: www.golem.de/news/hunderte-frauen-betroffen-mann-kapert-snapchat-konten-und-klaut-nacktbilder-2602-205173.html
-
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
A new evolution in ClawHub skill-based attacks effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in SKILL.md files, threat actors have now shifted to a simpler approach: hosting malware on convincing lookalike websites and using skills purely as lures. A new iteration of an ongoing ClawHub malicious skills campaign is using…
-
Software developers: Prime cyber targets and a rising risk vector for CISOs
Tags: access, ai, api, application-security, attack, automation, backdoor, breach, ceo, ciso, cloud, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, exploit, flaw, Hardware, identity, infrastructure, intelligence, Internet, jobs, leak, least-privilege, LLM, malicious, malware, marketplace, north-korea, open-source, phishing, programming, resilience, risk, saas, scam, service, social-engineering, software, supply-chain, theft, threat, tool, training, unauthorized, update, vulnerability
Credential theft and environment compromise: Attackers aren’t just looking for flaws in code, they’re looking for access to software development environments. Common security shortcomings, including overprivileged service accounts, long-lived tokens, and misconfigured pipelines, offer a ready means for illicit entry into sensitive software development environments. “Improperly stored access credentials are low-hanging fruit for even the most amateur…
-
Apple Pay Users Targeted by Phishing Attack Aimed at Stealing Payment Details
A sophisticated new phishing campaign is targeting Apple Pay users, leveraging high-quality email design and social engineering to bypass security measures. Unlike typical scams that rely on poorly spelled emails and suspicious links, this campaign uses a >>hybrid<>vishing<<, to steal Apple IDs and payment data. […] The post Apple Pay Users Targeted by Phishing Attack…
-
State-Backed Hackers Target Military Officials and Journalists on Signal in Latest Cyberattack
German intelligence and security agencies have issued a high-priority warning regarding a sophisticated cyber espionage campaign targeting military officials, diplomats, and investigative journalists across Europe. The Bundesamt für Verfassungsschutz (BfV) and the Federal Office for Information Security (BSI) identified the attackers as likely state-sponsored actors utilizing social engineering to compromise accounts on the encrypted messaging…
-
Ten career-ending mistakes CISOs make and how to avoid them
Tags: access, ai, attack, awareness, best-practice, breach, business, ciso, cloud, compliance, computing, conference, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, exploit, finance, framework, GDPR, governance, guide, HIPAA, least-privilege, malicious, metric, monitoring, network, password, resilience, risk, social-engineering, strategy, technology, threat, tool, training, vulnerability, zero-trust
2. Poor communication with the board and C-suite: Technical expertise alone no longer suffices in the modern CISO role. Security leaders who fail to translate cyber risks into business impact quickly lose credibility with decision-makers who control budgets and strategic direction. When security leaders present endless technical details without connecting them to revenue loss, regulatory fines,…
-
The Human Layer of Security: Why People are Still the Weakest Link in 2026
By 2026 humans remain cybersecurity’s weakest, and most vital, link as AI-enabled social engineering rises; prioritize behavioral design, real-time interventions, and leadership. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-human-layer-of-security-why-people-are-still-the-weakest-link-in-2026/

