Tag: spam
-
New ‘IndonesianFoods’ worm floods npm with 100,000 packages
A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-indonesianfoods-worm-floods-npm-with-100-000-packages/
-
How 43,000 NPM Spam Packages Hid in Plain Sight for Two Years
A two-year campaign quietly flooded npm with 43,000 dormant packages, exposing major supply-chain security gaps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/how-43000-npm-spam-packages-hid-in-plain-sight-for-two-years/
-
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data
A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year.The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel reservations with spam emails. The campaign is said to have…
-
Fake spam filter alerts are hitting inboxes
A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/phishing-spam-filter-alert/
-
Fake spam filter alerts are hitting inboxes
A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/phishing-spam-filter-alert/
-
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts within organizations. These deceptive emails are designed to steal login credentials that could compromise email accounts, cloud storage, and other sensitive systems. “‹ The attack begins with an email claiming…
-
Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across at least 11 user accounts, remained active in the registry for nearly two years before detection. The campaign derives its distinctive name from its unique package naming scheme. The embedded…
-
Large-Scale Spam Campaign Hits npm Registry With 43,000+ Fake Packages
Security researchers have uncovered a large-scale spam campaign within the npm ecosystem, now known as the IndonesianFoods worm. The attack involves over 43,000 spam packages published across at least 11 user accounts over the past two years. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/indonesianfoods-worm-npm-spam-campaign/
-
Large-Scale Spam Campaign Hits npm Registry With 43,000+ Fake Packages
Security researchers have uncovered a large-scale spam campaign within the npm ecosystem, now known as the IndonesianFoods worm. The attack involves over 43,000 spam packages published across at least 11 user accounts over the past two years. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/indonesianfoods-worm-npm-spam-campaign/
-
Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.”The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two…
-
Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.”The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two…
-
Google Sues “Lighthouse” Over Massive Phishing Attacks
That text message you got about a “stuck package” from USPS, or an “unpaid road toll” notice, isn’t just random spam it’s become the signature move of an international criminal outfit that’s managed to swindle millions. Today, Google is launching a major campaign to turn the tide: filing a lawsuit to dismantle the infamous “Lighthouse”…
-
Google Sues “Lighthouse” Over Massive Phishing Attacks
That text message you got about a “stuck package” from USPS, or an “unpaid road toll” notice, isn’t just random spam it’s become the signature move of an international criminal outfit that’s managed to swindle millions. Today, Google is launching a major campaign to turn the tide: filing a lawsuit to dismantle the infamous “Lighthouse”…
-
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority of legitimate websites putting site owners and unsuspecting users alike at risk. Historically, blackhat SEO spam campaigns…
-
Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority of legitimate websites putting site owners and unsuspecting users alike at risk. Historically, blackhat SEO spam campaigns…
-
Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor
In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of their corporate email addresses. What began as a routine investigation quickly escalated into the discovery of a sophisticated targeted attack orchestrated by…
-
Spam text scammer fined £200,000 for targeting people in debt, after sending nearly one million messages
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country – many of whom were already struggling with debt. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/spam-text-scammer-fined-200-000-for-targeting-people-in-debt-after-sending-nearly-one-million-messages
-
Spam text scammer fined £200,000 for targeting people in debt, after sending nearly one million messages
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country – many of whom were already struggling with debt. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/spam-text-scammer-fined-200-000-for-targeting-people-in-debt-after-sending-nearly-one-million-messages
-
Sole trader dispatched almost 1M spam texts to hard-up Brits, says watchdog
Tags: spamICO fined Bharat Singh Chand £200,000 after receiving 19,138 complaints First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/ico_spam_text_fine/
-
Atroposia malware kit lowers the bar for cybercrime, and raises the stakes for enterprise defenders
Tags: apt, authentication, automation, ciso, credentials, crime, cybercrime, defense, detection, dns, endpoint, infrastructure, mail, malicious, malware, mfa, monitoring, rat, service, spam, threat, tool, update, vulnerabilityRAT toolkits proliferating: Atroposia is one of a growing number of RAT tools targeting enterprises; Varonis has also recently discovered SpamGPT and MatrixPDF, a spam-as-a-service platform and malicious PDF builder, respectively.Shipley noted that these types of packages which identify additional avenues to maintain persistence have been around for some time; Mirai, which goes back to…
-
Süßes oder Scam Halloween ist eine Zeit für saisonalen Internetbetrug
Deutschland auf Rang Zwei als Zielland für Spambetrug. Fünf Prozent des Spams stammen aus Deutschland. 63 Prozent des Spams mit Halloween-Bezug sind bösartig und beabsichtigen, Malware zu implementieren oder Zugangsdaten oder Geld zu stehlen. Die Bitdefender Labs haben anhand ihrer Telemetrie in der Zeit vom 15. September bis zum 15. Oktober einen globalen Anstieg von… First…
-
Süßes oder Scam Halloween ist eine Zeit für saisonalen Internetbetrug
Deutschland auf Rang Zwei als Zielland für Spambetrug. Fünf Prozent des Spams stammen aus Deutschland. 63 Prozent des Spams mit Halloween-Bezug sind bösartig und beabsichtigen, Malware zu implementieren oder Zugangsdaten oder Geld zu stehlen. Die Bitdefender Labs haben anhand ihrer Telemetrie in der Zeit vom 15. September bis zum 15. Oktober einen globalen Anstieg von… First…
-
Why must CISOs slay a cyber dragon to earn business respect?
really prevents one, the board shrugs,” Levine says. CISOs “kind of normalize the idea that the company is constantly under attack. That is certainly true, but it makes it very difficult for the board to get worked up over preventing a single attack.” Moreover, this issue begs the question: Why should a security leader need…
-
Why must CISOs slay a cyber dragon to earn business respect?
really prevents one, the board shrugs,” Levine says. CISOs “kind of normalize the idea that the company is constantly under attack. That is certainly true, but it makes it very difficult for the board to get worked up over preventing a single attack.” Moreover, this issue begs the question: Why should a security leader need…
-
131 Malicious Chrome Extensions Discovered Targeting WhatsApp Users
A new wave of spamware targeting WhatsApp Web users has emerged, as the Socket Threat Research Team revealed the discovery of 131 malicious Chrome extensions actively flooding the Chrome Web Store. These extensions are not conventional malware, but function as high-risk automation tools, systematically violating platform policies to facilitate large-scale spam campaigns, primarily targeting Brazilian…
-
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale.The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser add-ons collectively have about 20,905 active users.” First…
-
WhatsApp testet Nachrichtenlimit Schutz vor Spam oder Zensur durch die Hintertür?
Tags: spamWhatsApp testet ein monatliches Nachrichtenlimit für unbeantwortete Nachrichten. Wird der Messenger damit wirklich vor Spam geschützt? First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/whatsapp-testet-nachrichtenlimit-schutz-vor-spam-oder-zensur-durch-die-hintertuer-321917.html
-
A new approach to blockchain spam: Local reputation over global rules
Spam has long been a nuisance in blockchain networks, clogging transaction queues and driving up fees. A new research paper from Delft University of Technology introduces a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/new-approach-blockchain-spam-mitigation/