Tag: social-engineering
-
Axios Attack Shows Complex Social Engineering Is Industrialized
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
-
Axios Attack Shows Complex Social Engineering Is Industrialized
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
-
Threat cluster launches extortion campaign using social engineering
Researchers said the hackers are compromising business process outsourcers and targeting help desk support. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-actor-social-engineering-raccoon-persona/816804/
-
Threat Actors Exploit LogMeIn Resolve, ScreenConnect in Phishing Campaigns
Tags: cyber, detection, exploit, malicious, monitoring, phishing, social-engineering, sophos, threat, toolThreat actors are abusing legitimate remote monitoring and management (RMM) tools LogMeIn Resolve and ScreenConnect in a multi”‘stage phishing campaign that blends social engineering, living”‘off”‘the”‘land techniques, and stealthy information”‘stealing malware. Sophos’ Managed Detection and Response (MDR) teams first saw this activity in April 2025, with most malicious activity clustered in OctoberNovember 2025. More than 80…
-
Axios Attack Shows Social Complex Engineering Is Industrialized
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/axios-attack-complex-social-engineering-industrialized
-
Best of the Worst: The Week Your Security Tools Became the Disguise
Tags: ai, antivirus, attack, authentication, cisco, control, credentials, crime, detection, dkim, dmarc, email, finance, fraud, google, infrastructure, intelligence, Internet, malicious, malware, microsoft, phishing, phone, risk, social-engineering, software, technology, threat, tool, training<div cla TL;DR This week’s Attack of the Day posts revealed a clear pattern: attackers are deliberately routing attacks through legitimate security and platform infrastructure so the tools themselves become trust signals. TitanHQ and Cisco URL wrappers hid a malware payload. Microsoft Safe Links rewrote a phishing URL to look protected. Microsoft Bookings sent a…
-
Hims & Hers says limited data stolen in social engineering attack
The telehealth provider said hackers gained access to a third-party customer service platform, but medical records remained secure. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hims-hers-data-stolen-social-engineering/816707/
-
North Korean Hackers Pose as Trading Firm to Steal $285M from Drift
North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion. First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-trading-firm-drift-protocol/
-
Threat Actors Weaponize Fake Microsoft Teams Domains to Target Users
Threat actors associated with North Korea are deploying fake Microsoft Teams domains to conduct social engineering attacks and distribute malware. The threat group, identified as UNC1069, uses convincing meeting lures and compromised communication channels to target unsuspecting professionals. UNC1069 is a financially motivated threat actor linked to the Democratic People’s Republic of Korea (DPRK). On…
-
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People’s Republic of Korea (DPRK) that began in the fall of 2025.The Solana-based decentralized exchange described it as “an attack six…
-
Social Engineering: Hacker nehmen Open-Source-Maintainer ins Visier
Der Social-Engineering-Angriff auf den Axios-Maintainer ist Teil einer Kampagne. Andere Maintainer wurden ebenfalls attackiert. First seen on golem.de Jump to article: www.golem.de/news/social-engineering-hacker-nehmen-open-source-maintainer-ins-visier-2604-207252.html
-
Axios npm hack used fake Teams error fix to hijack maintainer account
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign believed to have been conducted by North Korean threat actors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/axios-npm-hack-used-fake-teams-error-fix-to-hijack-maintainer-account/
-
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and npm maintainers. Security researchers confirm that the Axios breach was part of a scalable operation aimed at infiltrating the global software supply chain. The threat actors are actively hunting developers…
-
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069.Maintainer Jason Saayman said the attackers tailored their social engineering efforts “specifically to me” by first approaching him under the guise of the founder…
-
Axios npm compromise traced to targeted social engineering attack
The recent compromise of the widely used Axios npm package has been confirmed as the result of a targeted social engineering attack. The incident, which briefly exposed developers to malicious code, highlights growing risks within the open-source software supply chain. On March 31, attackers managed to publish two malicious versions of Axios to npm. These…
-
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026.”Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers,” the&…
-
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom Stealer is a strong example of this shift. Instead of just stealing credentials once, Venom creates a continuous data exfiltration pipeline, allowing attackers to monitor and extract sensitive information long after the initial infection.…
-
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ncsc-alert-hackers-whatsapp-signal/
-
NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks
NCSC advises on countermeasures for high-risk individuals over phishing attacks on encrypted messaging services, such as Signal, WhatsApp and Facebook Messenger First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641058/NCSC-warns-high-risk-individuals-of-Signal-and-WhatsApp-social-engineering-attacks
-
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware.According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in Italy. It’s assessed that the threat actors behind…
-
Cybersecurity in the age of instant software
Tags: access, ai, attack, computing, control, credentials, cybersecurity, deep-fake, defense, detection, exploit, flaw, injection, intelligence, iot, malicious, network, open-source, programming, risk, social-engineering, software, technology, tool, update, vulnerability, zero-dayAutomating patch creation: But that’s just half of the arms race. Defenders get to use AI, too. These same AI vulnerability-finding technologies are even more valuable for defense. When the defensive side finds an exploitable vulnerability, it can patch the code and deny it to attackers forever.How this works in practice depends on another related…
-
Vietnam-Linked PXA Stealer Campaign Exploits LinkedIn to Target Professionals Globally
A newly exposed global malware campaign reveals how PXA Stealer has been wielded by Vietnam”‘linked actors to siphon sensitive data from professionals across multiple countries using trusted platforms like LinkedIn. First documented in late 2024, this campaign has evolved into a new threat that leverages social engineering, advanced payload delivery, and stealthy execution to outmaneuver…
-
Venom Stealer MaaS Platform Commoditizes ClickFix Attacks
A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/venom-stealer-maas-commoditizes-clickfix-attacks
-
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber’s upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/routine-access-is-powering-modern-intrusions-a-new-threat-report-finds/
-
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/venom-stealer-maas-automates-data/
-
Security awareness is not a control: Rethinking human risk in enterprise security
Tags: access, attack, authentication, awareness, banking, best-practice, breach, business, control, corporate, credentials, crowdstrike, defense, email, exploit, finance, framework, Hardware, healthcare, identity, infrastructure, malware, mfa, monitoring, passkey, password, phishing, radius, risk, security-incident, social-engineering, strategy, tactics, threat, training, vulnerabilityThe predictability of human error: Human error is sometimes viewed as an exception in security incident conversations, as if a breach happened because someone made a mistake that should have been prevented. Human error is a constant in complex systems, especially in huge organizations where everyday operations are shaped by scale, pace, and conflicting agendas.…
-
The Arms Race is Already Over. You Just Don’t Know Which Side Won.
Anthropic’s Claude 4.6 found 500+ zero-days, but the real story is economic. As AI secures code, attackers are shifting to the “Trust Layer””, AI-driven social engineering and identity deception. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-arms-race-is-already-over-you-just-dont-know-which-side-won/
-
Don’t open that WhatsApp message, Microsoft warns
How to avoid social engineering attacks? Employee training tops the list First seen on theregister.com Jump to article: www.theregister.com/2026/03/31/whatsapp_message_bad_msi_packages/
-
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks. This defense intercepts potentially harmful commands before they are pasted into the Terminal application, breaking the infection chain. The ClickFix Attack Methodology ClickFix is a sophisticated social engineering technique designed to bypass…
-
SOC von BlueVoyant verhindert gezielten Social-Engineering-Angriff auf EU-Finanzeinrichtung
In der Vergangenheit setzte die Gruppe wiederholt auf täuschend echte digitale Identitäten etwa im Namen ukrainischer Behörden oder bekannter Softwareanbieter First seen on infopoint-security.de Jump to article: www.infopoint-security.de/soc-von-bluevoyant-verhindert-gezielten-social-engineering-angriff-auf-eu-finanzeinrichtung/a44439/

