Advertisement
Russian Intelligence Targets Commercial Messaging App Accounts
Russian intelligence services are exploiting commercial messaging applications through phishing to compromise accounts of U.S. government officials, military, and
7-Stage Phishing Chain Targets Outpost24 C-Suite via Redirects
Security researchers identify a sophisticated 7-stage phishing attack targeting Outpost24 executives using legitimate domains to evade email gateways.
Fake Chrome Update Campaigns Deploying NetSupport RAT
Technical analysis of phishing campaigns using JavaScript-injected websites to distribute NetSupport RAT via fake browser update overlays.
SmartApeSG Leverages ClickFix Pages to Deploy Remcos RAT
Analysis of the SmartApeSG campaign, detailing its use of deceptive 'ClickFix' pages to distribute Remcos RAT. Learn about RAT capabilities and general mitigation
Smartphone Phishing Bypasses Protections: AI's Role in Defense
Sophisticated Phishing attacks are increasingly bypassing smartphone protections. This analysis explores AI's potential role in defense and critical user safeguards.
Starbucks Employee Portal Phishing Leads to Data Breach
Starbucks confirms a data breach impacting hundreds of employees via targeted phishing attacks on an internal portal. Learn about the incident and prevention.
Manipulating Perplexity Comet AI via Reasoning-Based Phishing
Researchers from Guardio demonstrate a rapid attack vector against Perplexity’s Comet AI browser, tricking it into executing malicious phishing tasks.
Quasar RAT Delivery via Malicious PDF and LNK Files
Technical analysis of a multi-stage infection chain using PDF lures and LNK files to deploy Quasar RAT, including detection and mitigation strategies.
ClickFix Attack: Windows Terminal Used for Detection Evasion
The ClickFix attack leverages fake CAPTCHA pages to trick users into pasting malicious commands into Windows Terminal, bypassing traditional detection methods.
Phishing Alert: Impersonation of US City/County Officials Targets Permit Applicants
The FBI warns of active phishing campaigns impersonating US city and county officials to target businesses and individuals seeking permits, aiming for fraud and data
EU Court Adviser: Banks Must Refund Phishing Victims Immediately
CJEU Advocate General issues opinion requiring banks to refund unauthorized phishing transactions by the next business day under PSD2 regulations.
Europol Dismantles Tycoon 2FA Phishing Platform: Mitigating MFA Bypass
Europol and cybersecurity vendors dismantle Tycoon 2FA, a major phishing-as-a-service platform known for its sophisticated MFA bypass capabilities. Learn its impact and