phishing Archives • Page 4 of 17 • Daily CyberSecurity

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials Outlook Add-in Phishing AgreeTo Malicious Add-in

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials

Do Son February 13, 2026

In a disturbing first for enterprise security, researchers at Koi Security have uncovered a malicious Microsoft Outlook...

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks

Do Son February 13, 2026

A new report from Bitdefender has revealed a troubling resurgence in LummaStealer activity, proving that even coordinated...

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust Telegram Phishing Account Takeover

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust

Do Son February 13, 2026

A new phishing campaign is targeting Telegram users by turning the platform’s own security features into a...

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT XWorm RAT Excel Phishing

Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT

Do Son February 12, 2026

A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent...

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

The 7-Zip Trap: How a 25-Year-Old Domain Was Weaponized to Turn Your PC into a Proxy Bot

Do Son February 11, 2026

Security researchers have recently unveiled a sophisticated stratagem wherein adversaries gained control of the domain 7zip[.]com to...

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security DKIM Replay Attack Invoice Phishing

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security

Do Son February 11, 2026

Phishing attacks have evolved beyond poorly spelled emails and suspicious links. A new report by Kaseya (featuring...

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Do Son February 9, 2026

Mac users, often confident in the “walled garden” security of their devices, are facing a new threat...

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT Stan Ghouls (Bloody Wolf) NetSupport RAT

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT

Do Son February 9, 2026

A cybercriminal group with a taste for local languages and a toolkit of “legitimate” software has launched...

Vercel Blob Phishing PDF Phishing Campaign

Cloud-Hosted Trap: Phishers Use Vercel & Telegram to Bypass Filters

Do Son February 6, 2026

Phishing attacks have evolved from simple “click here” links to complex, multi-stage puzzles designed to baffle security...

The “Fix” is a Trap: ConsentFix Phishing Bypasses MFA via Azure CLI ConsentFix Phishing OAuth Token Theft

The “Fix” is a Trap: ConsentFix Phishing Bypasses MFA via Azure CLI

Do Son February 2, 2026

A cunning new phishing technique is turning the trust of Microsoft’s own tools against its users. Dubbed...

AI-Coded Malware: Vietnamese “Huna” Actor Targets Job Seekers with PureRAT AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AI-Coded Malware: Vietnamese “Huna” Actor Targets Job Seekers with PureRAT

Do Son February 2, 2026

A new wave of cyberattacks has been detected targeting job seekers worldwide, driven by a Vietnamese threat...

Under Attack: Microsoft Patches Office Zero-Day (CVE-2026-21509) Exploited in the Wild CVE-2024-38021 Microsoft Office Zero-Day CVE-2026-21509

Under Attack: Microsoft Patches Office Zero-Day (CVE-2026-21509) Exploited in the Wild

Do Son January 27, 2026

Microsoft has rolled out an urgent security update to plug a zero-day hole exploited in attacks in...

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

Do Son January 26, 2026

Cyber spies aligned with North Korea are now weaponizing a tool beloved by developers worldwide—Visual Studio Code—to...

The Invisible Trap: GenAI Now Creates “Living” Polymorphic Phishing Pages GenAI Phishing Polymorphic Attacks

The Invisible Trap: GenAI Now Creates “Living” Polymorphic Phishing Pages

Do Son January 26, 2026

Security researchers at Palo Alto Networks Unit 42 have unveiled a concerning evolution in web-based attacks, demonstrating...

Crossing the Andes: Sophisticated Loan Phishing Scams Hit Peru Peru Loan Phishing Luhn Algorithm Scam

Crossing the Andes: Sophisticated Loan Phishing Scams Hit Peru

Do Son January 23, 2026

A sophisticated wave of digital fraud is sweeping through Peru, targeting vulnerable individuals with the promise of...

Smishing Alert: Telegram Bots Power New PNB MetLife Phishing Campaign PNB MetLife Phishing Telegram Exfiltration

Smishing Alert: Telegram Bots Power New PNB MetLife Phishing Campaign

Do Son January 22, 2026

A new, highly aggressive phishing campaign has been uncovered targeting policyholders of PNB MetLife Insurance, blending mobile-first...

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images PURELOGS Stealer Archive.org Phishing

Hidden in Plain Site: PURELOGS Stealer Hides Malware in Archive.org Images

Do Son January 21, 2026

A seemingly innocuous pharmaceutical invoice in your inbox could be the first step in a sophisticated four-stage...

“Nomad Leopard” Spotted in the Wild: Cyber Espionage Campaign Targets Afghan Government Nomad Leopard Afghanistan Cyber Espionage

“Nomad Leopard” Spotted in the Wild: Cyber Espionage Campaign Targets Afghan Government

Do Son January 20, 2026

A new cyber espionage campaign targeting the heart of Afghanistan’s administration has been uncovered, revealing a mix...

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware Operation Poseidon Konni APT

Operation Poseidon: Konni APT Hijacks Google & Naver Ads for Malware

Do Son January 20, 2026

In a deep-dive analysis released by Genians Security Center, researchers have exposed “Operation Poseidon,” a sophisticated campaign...

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails Fileless Remcos RAT Phishing Campaign

Invisible Intruder: Fileless Remcos RAT Hides in Shipping Emails

Do Son January 19, 2026

A sophisticated new phishing campaign has been detected in the wild, leveraging a fileless variant of the...

Critical Alert 1 Active Exploit Detected Today