Tag: social-engineering
-
Lampion Stealer Resurfaces with ClickFix Attack to Steal User Credentials Stealthily
Tags: attack, banking, credentials, cyber, cybercrime, group, infection, malware, social-engineering, threatA Brazilian cybercriminal group has refined its long-running malware distribution campaign by incorporating innovative social engineering techniques and multi-stage infection chains to deliver the Lampion banking trojan. The campaign, which has operated continuously since at least June 2024 following its initial discovery in 2019, demonstrates the threat actor’s commitment to operational stealth and evasion. The…
-
Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
Fraudulent investment platforms impersonating legitimate cryptocurrency and forex exchanges have emerged as the primary financial threat across Asia, with organized crime groups operating at unprecedented scale. These sophisticated scams leverage social engineering tactics to deceive victims into transferring funds to attacker-controlled systems, blurring the lines between legitimate trading and criminal enterprise. The threat extends far…
-
BlueNoroff reemerges with new campaigns for crypto theft and espionage
Tags: attack, blockchain, credentials, crypto, espionage, github, group, jobs, lazarus, malware, social-engineering, supply-chain, theft, toolFake recruiters with real malware: The GhostHire operation takes a different approach, targeting Web3 developers through fake job offers and recruitment tests. Here BlueNoroff sets up fake developer tasks, often hosted on GitHub or shared via Telegram bots. “Based on historical attack cases of this campaign, we assess with medium confidence that this attack flow…
-
Is your perimeter having an identity crisis?
Tags: access, ai, attack, authentication, breach, business, cloud, communications, credentials, data, data-breach, defense, detection, email, endpoint, identity, infrastructure, intelligence, malicious, mfa, mobile, network, phishing, phone, RedTeam, resilience, smishing, social-engineering, strategy, tactics, threatCraft phishing, smishing and vishing. Creating hyper-personalized emails that can be grammatically perfect, contextually aware and emotionally resonant. These messages no longer demonstrate the telltale signs of traditional phishing like broken English or generic greetings.Synthesize trust. Using voice-cloning AI to leave a quick, urgent voicemail from a trusted executive, bypassing the skepticism you’ve trained into…
-
10 NPM Packages That Automatically Run on Install and Steal Credentials
Tags: attack, authentication, credentials, cyber, data, linux, macOS, malicious, malware, social-engineering, supply-chain, tactics, theft, threat, windowsA sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware uses advanced obfuscation techniques, social engineering tactics, and cross-platform functionality to harvest sensitive authentication data from developers’ systems across Windows, Linux, and macOS environments. Socket’s Threat Research Team has uncovered a…
-
Ransomware Hackers Look for New Tactics Amid Falling Profits
Digital Extortionists Try Recruiting Insiders, Email Barrages. Collective efforts to bolster cybersecurity defenses have been taking a big bite out of ransomware groups’ earnings, leading groups to reach for new strategies, including social engineering, supply chain attacks, extortion services and bribing insiders, warn incident response experts. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ransomware-hackers-look-for-new-tactics-amid-falling-profits-a-29867
-
FileFix + Cache Smuggling: A New Evasion Combo
Cybersecurity researchers have uncovered a sophisticated evolution in phishing attacks that combines FileFix social engineering with cache smuggling techniques to bypass modern security defenses. This hybrid attack method eliminates the need for malicious code to make web requests, instead extracting payloads directly from the browser’s cache where they were planted through cache smuggling. The technique…
-
Zunehmende Bedrohung durch menschzentrierte Cyberangriffe
Bedrohungsakteure ändern ihre Taktik, um menschliche Kontaktpunkte aus jedem Blickwinkel anzugehen innerhalb von Geschäftsabläufen und über Kanäle hinweg , um koordinierte Kampagnen durchzuführen, die herkömmliche Abwehrmaßnahmen überwältigen. Die Auswertung des Global Threat Intelligence Report für 2025 von Mimecast zeigt zentrale Trends, darunter den Anstieg intelligenter KI-gestützter Phishing- und Social-Engineering-Angriffe sowie die verstärkte Nutzung… First seen…
-
News alert: Arsen rolls out ‘Smishing Simulation’ to strengthen defenses against mobile phishing threats
PARIS, Oct. 24, 2025, CyberNewswire, Arsen, the cybersecurity company dedicated to helping organizations defend against social engineering, today introduced its new Smishing Simulation module: a feature designed to let companies run realistic, large-scale SMS phishing simulations across their… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/news-alert-arsen-rolls-out-smishing-simulation-to-strengthen-defenses-against-mobile-phishing-threats/
-
Scammers try to trick LastPass users into giving up credentials by telling them they’re dead
Tags: access, advisory, authentication, breach, corporate, credentials, crypto, cybercrime, email, google, group, infosec, intelligence, login, mail, malicious, mfa, mitigation, password, phishing, phone, scam, social-engineering, threatStaff should be using MFA: CSOs and IT managers should ensure that any password managers their employees use have phishing-resistant multifactor authentication or require an additional login factor, so if staff fall for a scam like this, the scammer can’t log in just using stolen credentials, Grimes said.If the corporate approved password manager doesn’t allow…
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Tags: attack, ciso, cyber, cybersecurity, mobile, mssp, phishing, smishing, social-engineering, threatParis, France, October 24th, 2025, CyberNewsWire Arsen, the cybersecurity company dedicated to helping organizations defend against social engineering, today introduced its new Smishing Simulation module: a feature designed to let companies run realistic, large-scale SMS phishing simulations across their teams. Designed to address the growing wave of mobile-based attacks, the new module gives CISOs, MSSPs,…
-
Mimecast veröffentlicht seinen Global Threat Intelligence Report 2025
Die Auswertungen zeigen einen signifikanten Anstieg von Social-Engineering-Angriffen einschließlich Kampagnen wie ClickFix, KI-unterstütztem Phishing und Business Email Compromise (BEC) First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mimecast-veroeffentlicht-seinen-global-threat-intelligence-report-2025/a42484/
-
Google Warns of Cybercriminals Using Fake Job Postings to Spread Malware and Steal Credentials
Tags: corporate, credentials, cyber, cybercrime, google, group, intelligence, jobs, malware, social-engineering, threatGoogle’s Threat Intelligence Group (GTIG) has uncovered a sophisticated social engineering campaign orchestrated by financially motivated threat actors based in Vietnam. The ultimate objective is to compromise corporate advertising accounts and steal valuable credentials for resale or direct monetization. The threat cluster specifically targets remote workers in digital advertising roles, focusing on individuals with contract…
-
North Korea’s Lazarus group attacked three companies involved in drone development
The attacks, which involved fake job offers as a social engineering lure, were likely aimed at stealing proprietary information about drone manufacturing, ESET said in a report. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-lazarus-attacks-drone-companies/
-
Social engineering gains ground as preferred method of initial access
Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/social-engineering-preferred-initial-access/803363/
-
Russian hackers evolve malware pushed in “I am not a robot” captchas
The Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families (NoRobot, MaybeRobot) deployed in complex delivery chains that start with ClickFix social engineering attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-evolve-malware-pushed-in-i-am-not-a-robot-clickfix-attacks/
-
AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals
Only one in ten IT and cybersecurity professionals feels “very prepared” to manage generative AI risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-social-engineering-top-cyber/
-
North Korean threat actors turn blockchains into malware delivery servers
Used in North Korean fake recruitment campaigns: As opposed to other nation-state actors, North Korean APT groups are known to conduct cybercriminal activity in addition to cyberespionage, because their goal includes gathering funds for the regime.One way they do this is by stealing cryptocurrency from companies and individuals. Between 2017 and 2023, it is estimated…
-
North Korean threat actors turn blockchains into malware delivery servers
Used in North Korean fake recruitment campaigns: As opposed to other nation-state actors, North Korean APT groups are known to conduct cybercriminal activity in addition to cyberespionage, because their goal includes gathering funds for the regime.One way they do this is by stealing cryptocurrency from companies and individuals. Between 2017 and 2023, it is estimated…
-
New Tech Support Scam Exploits Microsoft Logo to Steal User Credentials
Microsoft’s name and branding have long been associated with trust in computing, security, and innovation. Yet a newly uncovered campaign by the Cofense Phishing Defense Center demonstrates that even the most recognized logos can be hijacked by threat actors to exploit user trust. By blending classic social engineering tactics with advanced deceptive overlays, this scam…
-
CISOs brace for an “AI vs. AI” fight
Tags: ai, attack, automation, awareness, ciso, computer, conference, cyber, data, defense, detection, email, exploit, extortion, india, psychology, ransomware, social-engineering, technology, theft, threat, training, vulnerabilityCSO reporting paints an unsettling picture of what’s already happening. Autonomous AI agents are learning to execute full attack chains, from reconnaissance and exploitation to evasion and data theft, without human direction. Researchers have documented AI models used to generate extortion emails, launch ransomware, and discover new vulnerabilities in minutes. As one expert put it, attackers…
-
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden
Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
-
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden
Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
-
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden
Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
-
Scattered Lapsus$ Hunters extortion site goes dark: What’s next?
Tags: access, attack, backup, breach, business, cyber, cybercrime, data, data-breach, extortion, group, infrastructure, intelligence, leak, lockbit, ransom, ransomware, risk, russia, social-engineering, software, supply-chain, technology, threatTakedowns only slow activity: According to Jeremy Kirk, executive editor for cyber threat intelligence at research company Intel 471, police have been closing in on the individual groups represented in Scattered Lapsus$ Hunters for more than three years. This included arresting alleged members. Whether this damaged the group in the long run remained to be…
-
Meet Varonis Interceptor: AI-Native Email Security
AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
-
Meet Varonis Interceptor: AI-Native Email Security
AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
-
Meet Varonis Interceptor: AI-Native Email Security
AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI, vision, language, and behavior models, to detect zero-hour attacks and stop them before they reach users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/
-
North Korean Hackers Target Developers with 338 Malicious Software Packages
Tags: attack, blockchain, control, crypto, cyber, endpoint, hacker, malicious, north-korea, social-engineering, software, supply-chain, threatNorth Korean threat actors have escalated their Contagious Interview campaign, deploying 338 malicious npm packages with over 50,000 downloads to target cryptocurrency and blockchain developers through sophisticated social engineering tactics. The state-sponsored operation represents a significant evolution in supply chain attacks, utilizing more than 180 fake personas and a dozen command and control endpoints to…
-
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Tags: access, backdoor, exploit, hacker, Internet, microsoft, social-engineering, threat, unauthorizedMicrosoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users’ devices.”Threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploits in Internet Explorer’s JavaScript First seen…

