Topic: phishing campaign
-
Beware: Fake LastPass Emails Mimic Backup Alerts
A new phishing campaign is impersonating LastPass with urgent emails, using deceptive subject lines and links to malicious sites designed to steal master passwords and compromise password vaults. LastPass has confirmed the campaign is fraudulent, stating it never asks for master passwords or urge...
-
Beware Fake Password Manager Breach Alerts Hijacking PCs
A phishing campaign is targeting LastPass and Bitwarden users with fraudulent emails that falsely claim security breaches, urging them to download a malicious desktop application. The malicious software installs a remote access tool called Syncro, which attackers use to deploy ScreenConnect for u...
-
OAuth Redirects Exploited to Deliver Malware
A sophisticated phishing campaign exploits OAuth's error-handling to redirect users from legitimate login pages to attacker-controlled sites, bypassing standard security filters. The attacks use convincing business-themed email lures to trick users into clicking links that lead to credential thef...
-
Beware: Fake Google Site Steals Passwords & MFA Codes via PWA
A sophisticated phishing campaign uses a fake Google security page to trick users into installing a malicious Progressive Web App (PWA), which steals sensitive data like OTPs and cryptocurrency details. Once installed, the malware acts as a network proxy, scans local ports, and uses fake notifica...
-
Bitpanda Customers Targeted by Sophisticated Phishing Scam
A sophisticated phishing campaign is impersonating cryptocurrency platform Bitpanda, using convincing fake emails and websites to steal login credentials and extensive personal data in a multi-step attack. The scam employs urgency tactics and a multi-step process that mimics multi-factor authenti...
-
Operation DoppelBrand: How Hackers Hijack Trusted Brands to Steal Your Data
A sophisticated phishing campaign dubbed Operation DoppelBrand, linked to threat actor GS7, is using highly convincing fake websites to impersonate major financial and tech brands and steal user credentials. The operation uses extensive automated infrastructure, including over 150 identified doma...
-
Beware: New Phishing Scam Steals Dropbox Passwords
A sophisticated phishing campaign targets corporate cloud storage credentials by using urgent, professional-looking emails that evade standard security protocols like SPF and DKIM. The attack employs a PDF attachment with a malicious link, hosted on legitimate cloud infrastructure to bypass autom...
-
Russian Hackers Use ISO Files to Spread Phantom Stealer Malware
A new Russian-linked phishing campaign, Operation MoneyMount-ISO, uses a deceptive email chain with a ZIP/ISO file to bypass standard email filters and deploy Phantom Stealer malware. The malware employs sophisticated anti-analysis techniques to evade detection and steals a wide range of sensitiv...
-
Beware: Fake Spam Filter Alerts Invading Inboxes
A new phishing scam tricks users with fake alerts about spam filters blocking legitimate emails, urging them to click links to release messages, posing serious security risks. These deceptive emails mimic official communications, redirecting users to counterfeit login pages that steal credentials...
-
PhantomCaptcha Cyberattack Hits Ukraine Aid Groups
The PhantomCaptcha phishing campaign targeted humanitarian and government aid organizations for Ukraine by impersonating the Ukrainian President's Office and distributing malware via deceptive PDF attachments. Attackers used a multi-stage malware process involving a downloader script, reconnaissa...
-
Rust Developers Targeted in New Phishing Campaign
A new phishing campaign is targeting Rust developers via emails that mimic official security breach notifications from the Rust Foundation, attempting to steal GitHub credentials. The fraudulent messages directed users to a fake login portal, but officials confirmed no actual breach occurred and ...
-
New Salty2FA Phishing Kit Raises Sophistication Alarm
The Salty2FA phishing kit uses advanced tactics like session-based subdomain rotation, legitimate platform abuse, and precise corporate branding to create highly convincing fraudulent login pages. It incorporates Cloudflare’s Turnstile and obfuscated JavaScript to evade automated analysis and com...
-
MonsterRAT: Stealthy Malware Threatens Windows Systems
A sophisticated phishing campaign distributes the previously undocumented MonsterRAT malware, which targets Windows systems and grants attackers full administrative control through a multi-stage infection process. The attack uses phishing emails disguised as business correspondence to deliver the...
-
Phishing Alert: Fake NDAs Sent Via "Contact Us" Forms Target Manufacturers
A sophisticated phishing campaign targets industrial and supply chain firms using deceptive "Contact Us" forms and prolonged professional emails to bypass security and build trust. Attackers use fake NDAs and malicious ZIP files to deploy the "MixShell" backdoor, which employs DNS tunneling for s...
-
New Phishing Attack Deploys RATs Using UpCrypter Evasion
A global phishing campaign uses personalized emails and fake websites to distribute malicious downloads, employing the UpCrypter loader to deploy remote access trojans for prolonged unauthorized access. The attack involves HTML attachments redirecting to deceptive sites, with variations like voic...
-
UK Immigration Sponsors Warned of Home Office Phishing Scam
UK businesses sponsoring foreign workers are targeted by phishing scams impersonating Home Office emails, aiming to steal login credentials from the Sponsorship Management System (SMS). The scam involves convincing fake emails with urgent warnings, tricking victims into entering credentials on fr...
-
Hackers Hijack AWS Accounts with AiTM Phishing & Fake Domains
A sophisticated phishing campaign targets AWS users with spoofed security emails, directing them to fake login pages on deceptive domains to steal credentials. The attack uses an adversary-in-the-middle (AiTM) framework to intercept and relay login data in real-time, bypassing multi-factor authen...
-
Russian Hackers Exploit Patched Microsoft Office Flaw
A Russian state-sponsored hacking group is actively exploiting a patched Microsoft Office vulnerability (CVE-2026-21509) through phishing campaigns to install backdoors on targeted systems. The attacks use two methods: one deploys a malicious VBA project to steal emails, while the other uses a mu...
-
Fake Windows BSOD Screens Deliver ClickFix Malware
A sophisticated phishing campaign targets the European hospitality industry by impersonating Booking.com, using a fake website and a fabricated Windows Blue Screen of Death error to trick users into manually installing malware. The attack deploys the DCRAT remote access trojan, which gains persis...
-
ScreenConnect Admins Alerted to Spoofed Login Attacks
ScreenConnect administrators are targeted by a phishing campaign using fake security alerts to steal login credentials and bypass multi-factor authentication, aiming to compromise Super Admin accounts. Attackers employ the EvilGinx framework to create convincing phishing portals that capture sess...
-
Russian Hackers Target Ukraine via Zimbra Vulnerability
A Russian state-backed hacking group (APT28) is exploiting a critical Zimbra vulnerability (CVE-2025-66376) to target Ukrainian government agencies, prompting a U.S. federal patch mandate. The stealthy "GhostMail" campaign uses phishing emails with embedded malicious HTML to silently steal login ...
-
Trust Wallet Hack: $7 Million Stolen in Extension Attack
A malicious update to the Trust Wallet Chrome extension on December 24th led to a $7 million cryptocurrency theft by stealing users' private wallet data. The attackers also launched a coordinated phishing campaign using a fake website to trick users into surrendering their wallet recovery seed ph...
-
ConsentFix Attack Hijacks Microsoft Accounts via Azure CLI
A new phishing campaign called ConsentFix compromises Microsoft accounts by exploiting the legitimate Azure CLI OAuth application, bypassing passwords and multi-factor authentication. The attack deceives users into authenticating themselves via a fake CAPTCHA and a Microsoft login page, then ...
-
Russian Hackers Attack Using New Microsoft Office Bug
Russian state-backed hackers (APT28/Fancy Bear) are actively exploiting a patched Microsoft Office vulnerability (CVE-2026-21509) in targeted attacks against Ukrainian and EU entities, using phishing emails with malicious documents. The attack delivers sophisticated malware via a complex WebDAV c...