phishing Archives • Page 7 of 17 • Daily CyberSecurity

Fully Autonomous Cybercrime: TA585 Uses ClickFix Phishing and Own Infrastructure to Deploy Premium MonsterV2 RAT TA585 Autonomous, MonsterV2 RAT

Fully Autonomous Cybercrime: TA585 Uses ClickFix Phishing and Own Infrastructure to Deploy Premium MonsterV2 RAT

Do Son October 15, 2025

Proofpoint has identified a new and highly self-reliant cybercriminal threat actor, tracked as TA585, which operates with...

Browser Choice Alliance letter Microsoft Edge cleartext credentials memory dump Microsoft Edge auto-startup Microsoft Edge Collections sunset, export Edge Collections CSV Edge IE Mode Zero-Day, Chakra Exploit Windows Search, Microsoft Edge AI video translation, Edge browser Microsoft Editor, Edge Edge Developer tools Windows 10 ESU, Microsoft Edge Microsoft Edge, FCP Optimization CVE-2023-36735 Edge, AI Search

Microsoft Patches Edge IE Mode After Hackers Exploited Chakra Zero-Day for Device Takeover

Do Son October 14, 2025

After discovering that hackers were exploiting a zero-day vulnerability in the Chakra JavaScript engine used by Internet...

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File SVG Smuggling, AsyncRAT

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File

Do Son October 14, 2025

Seqrite Threat Research Labs has uncovered a targeted phishing campaign in Spanish designed to trick Colombian users...

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday Payroll Piracy, Workday Phishing

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday

Do Son October 13, 2025

Microsoft Threat Intelligence has issued a warning about a financially motivated campaign conducted by a threat actor...

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Crypto Drain Conspiracy, Malicious MobileConfig phone phishing Cryptocurrency Phishing

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig

Do Son October 13, 2025

DomainTools Threat Intelligence has exposed a sprawling cybercrime operation that uses a single infrastructure to power multiple...

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing npm Phishing, Beamglea

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing

Do Son October 11, 2025

Socket’s Threat Research Team has uncovered a massive supply-chain abuse campaign leveraging npm’s public registry and unpkg.com’s...

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache

Do Son October 10, 2025

Security researchers from Expel have discovered a new phishing campaign that creatively blends social engineering with browser...

ClickFix Phishing: New Automated Kits Trick Users Into Manually Running Malware and Stealers Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

Acreed Infostealer, BNB Smart Chain CVE-2023-20269 exploit

ClickFix Phishing: New Automated Kits Trick Users Into Manually Running Malware and Stealers

Do Son October 10, 2025

Researchers from Palo Alto Networks Unit 42 have discovered a new phishing trend where attackers trick victims...

SideWinder APT Launches Operation SouthNet, Weaponizing Netlify and Pages.dev for Espionage NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SideWinder APT Launches Operation SouthNet, Weaponizing Netlify and Pages.dev for Espionage

Do Son October 7, 2025

A new report from Hunt Intelligence reveals that APT SideWinder — one of South Asia’s most active...

Cavalry Werewolf APT Targets Russian Agencies with FoalShell and Telegram C2 FBI email system hack

Cavalry Werewolf APT Targets Russian Agencies with FoalShell and Telegram C2

Do Son October 3, 2025

The threat actor known as Cavalry Werewolf has been observed ramping up its operations between May and...

Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe CVE-2020-3259 Router Smishing, Grooza Cluster

CVE-2020-3259 Router Smishing, Grooza Cluster

Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe

Do Son October 1, 2025

A new report from Sekoia.io’s Threat Detection & Research (TDR) team reveals how attackers are weaponizing industrial...

Ongoing APT35 Phishing Campaign Uncovered: Iranian Group Impersonates Video Conferencing Services Chinese espionage groups APT35 Phishing, Stormshield CTI

Chinese espionage groups APT35 Phishing, Stormshield CTI

Ongoing APT35 Phishing Campaign Uncovered: Iranian Group Impersonates Video Conferencing Services

Do Son September 30, 2025

The Stormshield Cyber Threat Intelligence (CTI) team has uncovered new phishing infrastructure tied to APT35, also known...

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure

Do Son September 30, 2025

A new analysis from Silent Push Threat Analysts highlights the growing misuse of publicly rentable subdomain providers,...

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices

Do Son September 26, 2025

Cofense Intelligence has uncovered an evolving phishing campaign that uses copyright takedown notices as its primary lure....

New Phishing Campaign Targets PyPI Maintainers with Fake Domain Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

New Phishing Campaign Targets PyPI Maintainers with Fake Domain

Do Son September 25, 2025

The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers,...

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia Android banking trojan, BankBot

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia

Do Son September 23, 2025

Since August 2024, a financially motivated threat group has been targeting Indonesian and Vietnamese Android users with...

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs ConnectWise ScreenConnect, RMM tool abuse

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs

Do Son September 23, 2025

A new report from Hunt Intelligence reveals how attackers are abusing ConnectWise ScreenConnect (formerly ConnectWise Control) to...

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense

Do Son September 23, 2025

A new study from Catalyst has exposed a sophisticated cyber espionage campaign conducted by Subtle Snail (UNC1549),...

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users LastPass, macOS infostealer

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

Do Son September 22, 2025

The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has issued a warning about an ongoing infostealer...

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

Osiris Ransomware Inc Ransomware Connection CountLoader Massive Ransomware Campaign CVE-2025-0289

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups

Do Son September 22, 2025

Researchers at Silent Push have identified a newly emerging malware loader dubbed CountLoader, which they assess to...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

phishing

Fully Autonomous Cybercrime: TA585 Uses ClickFix Phishing and Own Infrastructure to Deploy Premium MonsterV2 RAT

Microsoft Patches Edge IE Mode After Hackers Exploited Chakra Zero-Day for Device Takeover

SVG Smuggling: Fake Colombian Judicial Lure Deploys AsyncRAT via Malicious HTA File

Payroll Piracy: Hackers Storm-2657 Exploit MFA Flaws to Hijack University Salary Payments via Workday

Cryptocurrency Drain Conspiracy: Single Alibaba Server Hosts Multi-Vector Scams, Hijacking Wallets via Fake Trust Wallet and MobileConfig

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache

SideWinder APT Launches Operation SouthNet, Weaponizing Netlify and Pages.dev for Espionage

Cavalry Werewolf APT Targets Russian Agencies with FoalShell and Telegram C2

Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe

Ongoing APT35 Phishing Campaign Uncovered: Iranian Group Impersonates Video Conferencing Services

Rent-a-Domain: Report Details How APTs and Cybercriminals Abuse DDNS Services for Malicious Infrastructure

New Lone None Stealer Malware Hijacks Crypto Wallets via Fake Copyright Takedown Notices

New Phishing Campaign Targets PyPI Maintainers with Fake Domain

Banking Trojans Masquerading as Government and Payment Apps Target Android Users in Southeast Asia

Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs

Subtle Snail: Iran-Linked Espionage Campaign Targets European Telecom, Aerospace, and Defense

LastPass Warns of New SEO Poisoning Attack Targeting Mac Users

CountLoader: A New Malware Loader Linked to Russian Ransomware Groups