APT37 Social Engineering via Facebook Delivers RokRAT Malware
North Korean threat actor APT37 leverages Facebook friend requests and trust-building to deploy the RokRAT trojan against high-value targets.
Analyzing the Frequency of Open Redirects in Phishing Campaigns
Examine the technical drivers behind the use of open redirects in phishing delivery and learn strategies for detection and vulnerability remediation.
North Korean Social Engineering Targets Node.js Maintainers
North Korean threat actors use social engineering and malicious npm packages to target high-profile Node.js maintainers in a sophisticated supply chain campaign.
Axios npm Hijack Attempt: Detecting Social Engineering Tactics
North Korean threat actors targeted an Axios maintainer with a fake Microsoft Teams fix, highlighting critical risks to open-source supply chains.
Infinity Stealer macOS Malware: Analyzing ClickFix Lures and Payloads
Infinity Stealer targets macOS via ClickFix social engineering. Learn how this Nuitka-compiled malware steals browser data, crypto wallets, and Keychain info.
Palo Alto Networks Recruiter Scam and Quantum Security Outlook
Threat actors are impersonating Palo Alto Networks recruiters to target security professionals, while Google sets a 2029 deadline for quantum computing.
Palo Alto Networks Recruitment Fraud: Analysis of Phishing Tactics
Phishing campaigns posing as Palo Alto Networks recruiters leverage LinkedIn data and psychological tactics to defraud job seekers in the security industry.

ClickFix Social Engineering Clusters Target Windows and macOS Systems
Insikt Group identifies five ClickFix clusters using obfuscated commands to exploit native system tools via fake browser error overlays on Windows and macOS.
Azure Monitor Alert Abuse: Detecting Callback Phishing Campaigns
Threat actors are abusing Microsoft Azure Monitor Action Groups to send legitimate-looking callback phishing emails to bypass traditional security filters.
Professional Refund Fraud Economy Targets Major E-Commerce Retailers
An analysis of the professional refund-as-a-service economy, detailing TTPs used by fraudsters to exploit retailer return policies and payment platforms.

LeakNet Ransomware: ClickFix Exploitation and Deno Loader Analysis
LeakNet ransomware leverages ClickFix social engineering and Deno-based in-memory loaders to bypass traditional security controls and deploy payloads.
LeakNet Ransomware: Stealthy Exploitation via Deno and ClickFix
LeakNet ransomware adopts ClickFix social engineering and the Deno runtime for stealthy initial access and loader deployment in corporate environments.