social engineering Archives • Daily CyberSecurity

DriveSurge Threat Cluster Exploits Thousands of Websites Globally DriveSurge threat cluster Traffic Distribution System

DriveSurge Threat Cluster Exploits Thousands of Websites Globally

Do Son June 4, 2026

A sophisticated digital campaign is currently compromising thousands of web ecosystems across the internet. Specifically, defensive intelligence...

Beyond Email: Attackers Hijack Microsoft Teams External Access to Launch Deep Network Compromise Microsoft Teams External Phishing Rapid7 Labs Incident Response

Microsoft Teams External Phishing Rapid7 Labs Incident Response

Beyond Email: Attackers Hijack Microsoft Teams External Access to Launch Deep Network Compromise

Do Son May 21, 2026

A newly detailed incident response investigation highlights a critical reality for corporate security teams: the perimeter of...

The “JobStealer” Trojan Hijacking Crypto Wallets via Fake Meetings JobStealer Trojan Crypto Wallet Theft

The “JobStealer” Trojan Hijacking Crypto Wallets via Fake Meetings

Do Son May 11, 2026

The job market is tough enough without a scheduled interview turning into a devastating cyber heist. According...

Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag MuddyWater APT Ransomware False Flag

Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag

Do Son May 11, 2026

According to a recent investigation by Rapid7 Labs, a sophisticated intrusion initially appearing to be a standard...

Fileless Python Malware Uses Humanitarian Lures to Deploy Full-Spectrum Surveillance Python Cyberespionage Fileless Malware

Fileless Python Malware Uses Humanitarian Lures to Deploy Full-Spectrum Surveillance

Do Son May 11, 2026

According to the latest intelligence from Cyble Research and Intelligence Labs (CRIL), threat actors are actively demonstrating...

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors RMM Hijacking Campaign Self-Healing Persistence

Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors

Do Son May 7, 2026

A sophisticated phishing campaign is proving that the most effective “virus” is often a legitimate piece of...

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials OpenClaw Framework Malware DeepSeek-Claw AI Skill

Deceptive “DeepSeek-Claw” Skill Hijacks OpenClaw Agents to Steal Credentials

Do Son May 7, 2026

Security researchers at Zscaler ThreatLabz have uncovered a deceptive campaign targeting the OpenClaw framework—an open-source tool designed...

“AccountDumpling” Hijacked Google Infrastructure to Steal 30,000 Facebook Accounts AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

“AccountDumpling” Hijacked Google Infrastructure to Steal 30,000 Facebook Accounts

Do Son May 6, 2026

In a sophisticated display of “trust inversion,” a Vietnamese-linked cybercriminal operation has turned Google’s own infrastructure against...

The AI-Powered Cybercrime Factory: Unmasking the Bluekit “All-in-One” Phishing Revolution Bluekit Phishing AI-Powered Phishing

The AI-Powered Cybercrime Factory: Unmasking the Bluekit “All-in-One” Phishing Revolution

Do Son May 5, 2026

Security researchers at Varonis Threat Labs have dissected a new, all-in-one phishing platform dubbed Bluekit that is...

The 11-Step Trap: How a Fake DHL OTP Trick Steals Your Password DHL Phishing OTP Social Engineering

The 11-Step Trap: How a Fake DHL OTP Trick Steals Your Password

Do Son May 1, 2026

Researchers at Forcepoint X-Labs have recently identified a clever phishing campaign targeting everyday consumers by impersonating the...

Tall Tales: China’s Private Contractors and the Global Hunt for Dissent UNC5221 HAFNIUM Extradition PRC State Espionage

Tall Tales: China’s Private Contractors and the Global Hunt for Dissent

Do Son April 29, 2026

An investigation by The Citizen Lab, in collaboration with the International Consortium of Investigative Journalists (ICIJ), has...

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap BlueNoroff Deepfakes Crypto Deepfake Phishing

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap

Do Son April 28, 2026

Cybersecurity researchers at Arctic Wolf have uncovered a sophisticated, globally distributed campaign by the North Korean state-sponsored...

Inside the Stealthy Evolution of Vidar Infostealer Vidar Infostealer Stealth Attack Framework

Inside the Stealthy Evolution of Vidar Infostealer

Do Son April 28, 2026

Vidar, once a straightforward credential stealer, has officially completed its transformation into a “multi-stage, stealth-driven attack framework”....

Attackers Are Weaponizing Foxit PDF Reader’s Reputation Foxit PDF Malware UltraVNC Hijack

Attackers Are Weaponizing Foxit PDF Reader’s Reputation

Do Son April 28, 2026

A recent report from G DATA highlights a sophisticated campaign targeting users of Foxit Software, a popular...

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory UNC6692 SNOW Malware Suite

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory

Do Son April 27, 2026

A sophisticated new threat actor, UNC6692, is redefining the art of the initial breach. According to a...

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords ClickFix macOS Terminal Infostealer

ClickFix 2026: New AppleScript Malware Held macOS Users Hostage for Passwords

Do Son April 23, 2026

A sophisticated cross-platform social engineering campaign, dubbed ClickFix, has evolved to target macOS users with a relentless...

Microsoft Teams Exploited for Silent Enterprise Takeovers Teams Impersonation Administrative Abuse

Microsoft Teams Exploited for Silent Enterprise Takeovers

Do Son April 22, 2026

A new investigative report from the Microsoft Defender Security Research Team has unmasked a sophisticated intrusion chain...

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto UNC1069 Fake Meetings ClickFix Malware

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto

Do Son April 19, 2026

In a sophisticated escalation of cyber-enabled financial theft, security researchers from Validin have unmasked a sprawling campaign...

AI-Generated RAT “PHANTOMPULSE” Targets Crypto Sector via Social Engineering PHANTOMPULSE RAT Obsidian Malware Abuse

AI-Generated RAT “PHANTOMPULSE” Targets Crypto Sector via Social Engineering

Do Son April 17, 2026

In a sophisticated intersection of social engineering and technical ingenuity, security researchers have uncovered a novel campaign...

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT APT37 RokRAT Social Engineering Phishing

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT

Do Son April 15, 2026

A new investigation has revealed that the notorious state-sponsored threat group APT37 has significantly evolved its tactics,...

Critical Alert 1 Active Exploit Detected Today