social engineering Archives • Page 4 of 12 • Daily CyberSecurity

The “I Paid Twice” Trap: New Booking.com Phishing Kit Targets Hotels & Guests Booking.com Fraud Hospitality Phishing

The “I Paid Twice” Trap: New Booking.com Phishing Kit Targets Hotels & Guests

Do Son February 18, 2026

A sophisticated financial fraud campaign has resurfaced, targeting the hospitality sector that victimizes both hotels and their...

Hackers Use Jira Notifications to Bypass Spam Filters Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Hackers Use Jira Notifications to Bypass Spam Filters

Do Son February 18, 2026

A new spam campaign is slipping past enterprise defenses by wearing a disguise that most security filters...

“Natural Selection” at Work: How North Korean IT Workers Use AI to Infiltrate Companies North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

“Natural Selection” at Work: How North Korean IT Workers Use AI to Infiltrate Companies

Do Son February 17, 2026

A new report from Okta Threat Intelligence has pulled back the curtain on a sprawling fraudulent employment...

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware StealC Malware ClickFix Campaign

The “Windows + R” Trap: ClickFix Scam Tricks Users into Installing StealC Malware

Do Son February 16, 2026

A new report from LevelBlue dissects a sophisticated multi-stage malware campaign that turns a routine security check...

“Matryoshka” Malware: New macOS Attack Hides Inside “Russian Dolls” of Obfuscation OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

“Matryoshka” Malware: New macOS Attack Hides Inside “Russian Dolls” of Obfuscation

Do Son February 16, 2026

Mac users are being targeted by a sophisticated new social engineering campaign that wraps malicious code in...

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

The Human Hack: LummaStealer Returns with Deceptive “ClickFix” Attacks

Do Son February 13, 2026

A new report from Bitdefender has revealed a troubling resurgence in LummaStealer activity, proving that even coordinated...

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed Muddled Libra Rogue VM

Trojan Horse in the Server Room: Muddled Libra’s Rogue VM Strategy Exposed

Do Son February 13, 2026

A new investigation by Unit 42 has pulled back the curtain on the operations of Muddled Libra,...

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust Telegram Phishing Account Takeover

Telegram Phishing Campaign Hijacks Accounts by Abusing Trust

Do Son February 13, 2026

A new phishing campaign is targeting Telegram users by turning the platform’s own security features into a...

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto UNC1069 Deepfake Attack Cryptocurrency Malware

Fake CEO, Real Hack: North Korea Uses AI Deepfakes to Steal Crypto

Do Son February 11, 2026

North Korean threat actors are leveling up their social engineering game, using AI-generated deepfakes and sophisticated malware...

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security DKIM Replay Attack Invoice Phishing

Signed” Sealed, Delivered: Cybercriminals Abuse PayPal and Apple to Bypass Email Security

Do Son February 11, 2026

Phishing attacks have evolved beyond poorly spelled emails and suspicious links. A new report by Kaseya (featuring...

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The “Compatibility” Trap: New Mac Malware Tricks Users into Bypassing TCC

Do Son February 9, 2026

Mac users, often confident in the “walled garden” security of their devices, are facing a new threat...

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT Stan Ghouls (Bloody Wolf) NetSupport RAT

Stan Ghouls Target Uzbekistan and Russia with NetSupport RAT

Do Son February 9, 2026

A cybercriminal group with a taste for local languages and a toolkit of “legitimate” software has launched...

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

“Hard Working” Thieves: Rublevka Team Steals $10M in Solana Scam-as-a-Service

Do Son February 9, 2026

A sophisticated Russian cybercrime syndicate has stolen over $10 million in cryptocurrency since 2023, leveraging a highly...

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT CrashFix Malware ClickFix Campaign

CrashFix: New ClickFix Variant Deliberately Breaks Browsers to Deploy RAT

Do Son February 6, 2026

A dangerous evolution of the “ClickFix” social engineering campaign has been spotted in the wild, using a...

Vercel Blob Phishing PDF Phishing Campaign

Cloud-Hosted Trap: Phishers Use Vercel & Telegram to Bypass Filters

Do Son February 6, 2026

Phishing attacks have evolved from simple “click here” links to complex, multi-stage puzzles designed to baffle security...

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS

Do Son February 5, 2026

A routine business call turned into a nightmare for one macOS user after North Korean state-sponsored hackers...

“IT Support” Imposters: ShinyHunters Vishing Rings Bypass MFA to Steal Data ShinyHunters Vishing Corporate Vishing Attacks

“IT Support” Imposters: ShinyHunters Vishing Rings Bypass MFA to Steal Data

Do Son February 4, 2026

A new report from Mandiant details how sophisticated voice phishing (vishing) rings are bypassing modern security controls...

TAMECAT Exposed: APT42’s Fileless Backdoor Targets Defense Chiefs AI Fraud Schemes TAMECAT Malware APT42 Espionage

TAMECAT Exposed: APT42’s Fileless Backdoor Targets Defense Chiefs

Do Son February 4, 2026

A sophisticated espionage campaign targeting senior defense and government officials has been linked to APT42, an Iranian...

The “Go Client” Trap: Why Your RustDesk ID is Currently Under Automated Botnet Siege RustDesk "Go Client" botnet

The “Go Client” Trap: Why Your RustDesk ID is Currently Under Automated Botnet Siege

Do Son February 3, 2026

The renowned open-source remote access utility, RustDesk, was besieged in late January 2026 by an automated campaign...

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs IClickFix Framework WordPress Watering Hole

The “IClickFix” Trap: 3,800+ WordPress Sites Poisoned by Fake CAPTCHAs

Do Son February 3, 2026

A massive wave of “watering hole” attacks has turned thousands of legitimate WordPress websites into traps for...

Critical Alert 3 Active Exploits Detected Today

Critical Alert