Advertisement
Gavril Sandu Extradited to US for Historical Phishing Scheme
Gavril Sandu, a Romanian national, faces US charges for a 2007-2008 phishing operation that targeted financial institutions and thousands of victims.
AitM Phishing Attacks Target US Organizations with Conduct Reports
Microsoft warns of a sophisticated AitM phishing campaign using fake conduct reports to bypass MFA and hijack Microsoft 365 user sessions.
Credential Theft: Microsoft Details Phishing Campaign Targeting 35k Users
Microsoft warns of a global phishing campaign targeting 35,000 users with code-of-conduct lures to steal authentication tokens across 13,000 organizations.
Robinhood Sign-Up Flaw Used for Phishing Injection - Analysis
Exploit of Robinhood's account creation process allowed attackers to inject phishing content into official emails, bypassing standard security filters.
Malicious Crypto Apps on Apple App Store Target Private Keys
Dozens of fake cryptocurrency wallet applications have been found in the Apple App Store, designed to phish users' recovery phrases and private keys, leading to
Defending Against Identity-Based Attacks and Stolen Credentials
Identity-based attacks use stolen credentials to bypass security. Learn why these attacks are the primary entry point and how to mitigate the risk.
Apple ID Alerts Abused for Phishing via Legitimate Servers
Threat actors are exploiting Apple's account notification system to send authentic-looking phishing emails that bypass traditional spam filters and SPF checks.
Business Impersonation Fraud: Analyzing Identity Gaps in 2024
Analysis of how attackers exploit identity verification gaps to execute financial fraud and brand impersonation, from shell companies to AI-driven scams.
Abused n8n Webhooks Facilitate Automated Malware Delivery Since 2025
Threat actors are weaponizing n8n AI workflow automation webhooks to bypass email filters and distribute malware in persistent phishing campaigns.
AI Diffusion in Cybercrime: How Hackers Exploit LLM Tools
An analysis of how cybercriminals discuss and adopt AI tools, highlighting the diffusion of LLM exploitation techniques in underground forums.
Booking.com Data Breach: Unauthorized Access to Customer Information
Booking.com confirms unauthorized access to customer booking data. Analyze the breach impact, TTPs used against travel platforms, and mitigation strategies.
FBI and Indonesia Dismantle W3LL Phishing Infrastructure
Law enforcement dismantles the W3LL phishing toolkit infrastructure responsible for $20M in fraud attempts and thousands of credential thefts globally.