Tag: social-engineering
-
Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems
A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack begins with a deceptive LNK file named >>ì‹¤ì „ íŠ¸ë ˆì´ë, © 핵심 비법서.pdf.lnk<>Practical Trading Core Secret Book<<), specifically crafted to target South Korean investors seeking financial guidance. This social engineering approach exploits users' trust […] The…
-
MacSync macOS Infostealer Exploits ClickFix-style Attack to Trick Users with Single Terminal Command
A sophisticated macOS infostealer campaign that leverages deceptive ClickFix-style social engineering to distribute MacSync, a Malware-as-a-Service (MaaS) credential-stealing tool targeting cryptocurrency users. The attack chain begins with phishing redirects and culminates in persistent access through trojanized hardware wallet applications. The campaign initiates with credential harvesters impersonating Microsoft login pages. Analysis of crosoftonline[.]com/login[.]srf a domain spoofing official Microsoft…
-
Hackers Disable Windows Security With New Malware Attack
Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows’ own security architecture. The post Hackers Disable Windows Security With New Malware Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-hackers-disable-windows-security/
-
Okta SSO accounts targeted in vishing-based data theft attacks
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/okta-sso-accounts-targeted-in-vishing-based-data-theft-attacks/
-
Microsoft Teams to add brand impersonation warnings to calls
Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-add-brand-impersonation-warnings-to-calls/
-
New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions
Tags: attack, credentials, cyber, exploit, guide, phishing, social-engineering, software, vulnerabilityA sophisticated ClickFix campaign targeting Facebook users has been identified, leveraging social engineering to extract live session credentials directly from victims’ browsers. Unlike traditional phishing exploits that rely on software vulnerabilities, this campaign guides victims through a guided credential-harvesting process disguised as account verification. Researchers identified 115 webpages across the attack chain and eight distinct…
-
New Multi-Stage Windows Malware Disables Microsoft Defender, Deploys Malicious Payloads
A sophisticated multi-stage malware campaign targeting Russian users, leveraging social engineering, legitimate cloud services, and native Windows functionality to achieve full system compromise without exploiting vulnerabilities. The campaign begins with deceptively crafted business-themed documents delivered via compressed archives. Victims receive Russian-language files that appear to be routine accounting tasks, but the archive contains a malicious…
-
ErrTraffic Exploits Visual Page Breaks to Fuel ClickFix Attacks, Rebranding Exploits as “GlitchFix”
ErrTraffic is a Traffic Distribution System (TDS) designed to power ClickFix social engineering attacks. Unlike traditional fake update prompts, ErrTraffic deliberately breaks website visuals creating garbled text, distorted CSS, and cursor jitter to convince victims their device is actually broken. Visual chaos technique, called >>GlitchFix,<>fixing<< their systems by running malware. […] The post ErrTraffic Exploits Visual Page Breaks…
-
ErrTraffic Exploits Visual Page Breaks to Fuel ClickFix Attacks, Rebranding Exploits as “GlitchFix”
ErrTraffic is a Traffic Distribution System (TDS) designed to power ClickFix social engineering attacks. Unlike traditional fake update prompts, ErrTraffic deliberately breaks website visuals creating garbled text, distorted CSS, and cursor jitter to convince victims their device is actually broken. Visual chaos technique, called >>GlitchFix,<>fixing<< their systems by running malware. […] The post ErrTraffic Exploits Visual Page Breaks…
-
Contagious Interview turns VS Code into an attack vector
Social engineering to developer trust abuse: The effectiveness of the campaign hinges on social engineering rather than technical exploitation. Victims are tricked into interacting with unfamiliar repositories as part of legitimate-looking projects. Once the repository is opened, VS Code’s built-in trust prompt becomes the key, and approving it enables the malicious task execution chain without…
-
‘CrashFix’ Scam Crashes Browsers, Delivers Malware
The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/crashfix-scam-crashes-browsers-delivers-malware
-
PDFSIDER Malware Exploitation of DLL Side-Loading for AV and EDR Evasion
Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social…
-
KI-gestütztes Social Engineering setzt den KMUs zunehmend zu
Die Bedrohungslage für KMU ist ernst und sie verschärft sich weiter. KI-gestütztes Social Engineering erhöht nicht nur die Erfolgswahrscheinlichkeit von Angriffen, sondern auch den operativen und finanziellen Druck auf Unternehmen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gestuetztes-social-engineering-setzt-den-kmus-zunehmend-zu/a43416/
-
What is AI fuzzing? And what tools, threats and challenges generative AI brings
Tags: ai, attack, breach, ceo, chatgpt, china, cisco, cve, cyber, cyberattack, cybercrime, cybersecurity, data, finance, gartner, google, government, group, hacker, injection, intelligence, LLM, malicious, mitre, open-source, RedTeam, russia, service, social-engineering, software, sql, technology, threat, tool, usa, vulnerabilityHow fuzzing works: In 2019, AI meant machine learning, and it was emerging as a new technique for generating test cases. The way traditional fuzzing works is you generate a lot of different inputs to an application in an attempt to crash it. Since every application accepts inputs in different ways, that requires a lot…
-
Allianz: KI birgt große Gefahr für Unternehmen
Tags: ai, cyberattack, cybercrime, encryption, extortion, germany, hacker, mail, risk, social-engineering, softwareKI birgt zahlreiche Risiken für die Sicherheit in Unternehmen.Künstliche Intelligenz (KI) hat sich nach Einschätzung der Allianz zu einem der größten globalen Geschäftsrisiken für Unternehmen entwickelt. Im neuen “Risikobarometer” des Unternehmensversicherers Allianz Commercial ist die KI vom zehnten auf den zweiten Platz hinter dem langjährigen Spitzenreiter Cyberkriminalität emporgeschossen.Beides steht in Zusammenhang: Kriminelle Hacker nutzen demnach…
-
Cybercrime Inc.: When hackers are better organized than IT
Tags: access, ai, attack, automation, awareness, botnet, breach, business, communications, compliance, computing, control, corporate, credentials, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, email, exploit, finance, group, hacker, healthcare, incident response, intelligence, jobs, leak, malicious, malware, marketplace, network, organized, phishing, programming, ransom, ransomware, resilience, risk, service, social-engineering, software, supply-chain, technology, tool, training, update, vulnerabilityRansomware-as-a-service: The Amazon of crime: The ransomware-as-a-service (RaaS) model has also revolutionized the cybercrime business. Criminal groups offer their malware like a software product. Attackers can license the code, select targets, and launch attacks, all without in-depth programming knowledge. The operator receives a commission for this.Thus, a marketplace developed where services, tools, and data are traded like…
-
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Tags: access, attack, best-practice, cloud, cve, cyber, exploit, firmware, flaw, Internet, malicious, microsoft, mitre, ntlm, office, rce, remote-code-execution, service, social-engineering, sql, technology, update, vulnerability, windows, zero-day8Critical 105Important 0Moderate 0Low Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild. Microsoft patched 113 CVEs in its January 2026 Patch Tuesday release, with eight rated critical and 105 rated as important. Our counts omitted one CVE that was assigned by…
-
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Tags: access, attack, best-practice, cloud, cve, cyber, exploit, firmware, flaw, Internet, malicious, microsoft, mitre, ntlm, office, rce, remote-code-execution, service, social-engineering, sql, technology, update, vulnerability, windows, zero-day8Critical 105Important 0Moderate 0Low Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild. Microsoft patched 113 CVEs in its January 2026 Patch Tuesday release, with eight rated critical and 105 rated as important. Our counts omitted one CVE that was assigned by…
-
Top 10 vendors for AI-enabled security, according to CISOs
Tags: access, ai, api, attack, automation, business, ceo, cisco, ciso, cloud, container, crowdstrike, cybersecurity, data, detection, edr, email, encryption, endpoint, firewall, gartner, google, governance, group, ibm, identity, incident response, intelligence, jobs, mandiant, microsoft, monitoring, network, openai, phishing, ransomware, risk, risk-assessment, service, siem, soar, soc, social-engineering, software, startup, technology, threat, tool, vmware, vulnerability, waf, zero-trust2. Microsoft: Why they’re here: Similar to Cisco, Microsoft is embedded in virtually every enterprise, and is also a vendor that has marshalled its considerable resources to build an AI-powered security ecosystem. The platform includes Microsoft Defender for securing cloud environments, Microsoft Sentinel for cloud-native SIEM, Microsoft Purview for data governance, Microsoft Intune for endpoint…
-
Hackers Exploit Browserthe-Browser Trick to Hijack Facebook Accounts
Tags: authentication, credentials, cyber, exploit, hacker, login, phishing, social-engineering, theft, windowsFacebook’s massive 3 billion active users make it an attractive target for sophisticated phishing campaigns. As attackers grow more inventive, a hazardous technique is gaining traction: the >>Browser-in-the-Browser<< (BitB) attack. This advanced social engineering method creates custom-built fake login pop-ups that are nearly indistinguishable from legitimate authentication windows, enabling credential theft on an unprecedented scale.…
-
Fintech firm Betterment confirms data breach after hackers send fake crypto scam notification to users
Hackers gained access to some Betterment customers’ personal information through a social engineering attack, then targeted some of them with a crypto-related phishing message. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/12/fintech-firm-betterment-confirms-data-breach-after-hackers-send-fake-crypto-scam-notification-to-users/
-
Cybercriminals Exploit Maduro Arrest News to Spread Backdoor Malware
Tags: attack, backdoor, cyber, cybercrime, email, exploit, malicious, malware, phishing, social-engineering, spear-phishing, threatCybercriminals are leveraging reports of Venezuelan President Nicolás Maduro’s arrest on January 3, 2025, to distribute backdoor malware through a sophisticated social engineering campaign. Security researchers at Darktrace have uncovered a malicious operation that exploits this high-profile geopolitical event to compromise unsuspecting victims. Attack Method The threat actors likely used spear-phishing emails containing a ZIP…
-
PeekBoo! 🫣 Emoji Smuggling and Modern LLMs FireTail Blog
Tags: ai, computer, control, cybersecurity, data, exploit, injection, LLM, malicious, monitoring, risk, social-engineering, tactics, threat, tool, vulnerabilityJan 09, 2026 – Viktor Markopoulos – We often trust what we see. In cybersecurity, we are trained to look for suspicious links, strange file extensions, or garbled code. But what if the threat looked exactly like a smiling face sent by a colleague?Based on research by Paul Butler and building on FireTail’s previous disclosures…
-
PeekBoo! 🫣 Emoji Smuggling and Modern LLMs FireTail Blog
Tags: ai, computer, control, cybersecurity, data, exploit, injection, LLM, malicious, monitoring, risk, social-engineering, tactics, threat, tool, vulnerabilityJan 09, 2026 – Viktor Markopoulos – We often trust what we see. In cybersecurity, we are trained to look for suspicious links, strange file extensions, or garbled code. But what if the threat looked exactly like a smiling face sent by a colleague?Based on research by Paul Butler and building on FireTail’s previous disclosures…
-
The 2 faces of AI: How emerging models empower and endanger cybersecurity
Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-daySelf-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
-
The 2 faces of AI: How emerging models empower and endanger cybersecurity
Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-daySelf-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
-
New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys
Tags: access, attack, authentication, cyber, cybersecurity, hacker, microsoft, social-engineering, threatIn a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID that weaponizes legitimate OAuth 2.0 authentication flows to harvest privileged access tokens. The technique, dubbed >>ConsentFix<< by PushSecurity, represents an evolution of the ClickFix social engineering paradigm, enabling threat actors to…
-
Chinese Hackers Use NFC-Enabled Android Malware to Steal Payment Information
Chinese threat actors are conducting an aggressive campaign that distributes NFC-enabled Android malware capable of intercepting and remotely relaying payment card data via Telegram. Identified as >>Ghost Tap<< and linked to threat groups including TX-NFC and NFU Pay, the malicious applications employ social engineering tactics to deceive users into installing APKs and unknowingly facilitating fraudulent…
-
Fighting Deep Fakes: Think Like the Attacker
Deepfakes have moved from novelty to a practical weapon, and Brian Long, CEO of Adaptive Security, says most organizations still aren’t built to handle what comes next. Long explains why AI-driven impersonation has become one of the fastest-growing forms of social engineering: it’s cheap, widely accessible, and increasingly convincing across channels that traditional security.. First…
-
Bug in Open WebUI macht Kostenlos-Tool zur Backdoor
Tags: access, ai, api, authentication, backdoor, cve, cyberattack, endpoint, exploit, mitigation, network, nvd, openai, remote-code-execution, risk, social-engineering, tool, update, vulnerabilityDer Schweregrad des Bugs in Open WebUI wird als hoch eingestuft.Sicherheitsforschende von Cato Networks haben eine Schwachstelle in Open WebUI, einem selbstgehosteten Enterprise Interface für Large Language Models (LLM), entdeckt. Diese soll es externen Modell-Servern, die über das Feature ‘Direct Connections” eingebunden sind, ermöglichen, Schadcode einzuschleusen und KI-Workloads zu übernehmen.Das Problem, gekennzeichnet als CVE-2025-64496, beruht…

