Phishing Attack

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes

Cybersecurity researchers have demonstrated how an artificial intelligence powered web browser can be manipulated into executing a phishing scam in just a few minutes. The attack targeted the Comet AI browser developed by Perplexity, highlighting emerging risks in agentic AI browsing technologies. Agentic browsers use artificial intelligence to automatically interact with websites, complete tasks, and make […]

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes Read More »

Europol-Led

Europol Led Operation Dismantles Tycoon 2FA Phishing as a Service Tied to 64,000 Attacks

A major international cybersecurity operation has successfully dismantled Tycoon 2FA, a large phishing-as-a-service platform that enabled cybercriminals to launch advanced phishing attacks targeting organizations worldwide. The takedown was coordinated by the European law enforcement agency Europol along with multiple cybersecurity firms and global investigators. Authorities confirmed that the platform was responsible for tens of thousands of phishing incidents

Europol Led Operation Dismantles Tycoon 2FA Phishing as a Service Tied to 64,000 Attacks Read More »

Starkiller Phishing Kit Leverages AiTM Reverse Proxy to Evade Multi Factor Authentication

Cybersecurity researchers have uncovered a powerful new phishing toolkit named Starkiller that leverages adversary in the middle technology to bypass multi factor authentication protections. The phishing suite is being promoted by a cybercrime group calling itself Jinkusu. It is marketed as a phishing as a service platform that provides subscribers with a centralized dashboard to

Starkiller Phishing Kit Leverages AiTM Reverse Proxy to Evade Multi Factor Authentication Read More »

SLH Offers $500 to $1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The cybercrime collective Scattered LAPSUS$ Hunters (SLH) has been reported recruiting women to execute voice phishing (vishing) attacks against IT help desks. According to Dataminr, the group is offering $500–$1,000 per call and supplying pre-written scripts to maximize the chances of success. The initiative reflects a shift in social engineering tactics, leveraging the assumption that female voices may

SLH Offers $500 to $1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks Read More »

Bloody Wolf Targets Uzbekistan and Russia with NetSupport RAT via Spear-Phishing Campaign

Cybersecurity researchers have linked a targeted cyber campaign to the threat actor known as Bloody Wolf, which is actively infecting systems in Uzbekistan and Russia through spear-phishing emails that deliver the NetSupport Remote Access Trojan. The activity is being monitored by cybersecurity firm Kaspersky under the tracking name Stan Ghouls. The group has been operational

Bloody Wolf Targets Uzbekistan and Russia with NetSupport RAT via Spear-Phishing Campaign Read More »

German Agencies Warn of Signal Phishing Attacks Targeting Politicians, Military, and Journalists

Germany’s Federal Office for the Protection of the Constitution, known as BfV, together with the Federal Office for Information Security BSI, have issued a joint cybersecurity alert regarding an active phishing campaign abusing the Signal messaging platform. According to the advisory, the campaign is attributed to a likely state-sponsored threat actor and is specifically aimed at politicians, military officials, diplomats,

German Agencies Warn of Signal Phishing Attacks Targeting Politicians, Military, and Journalists Read More »

DEAD#VAX Malware Campaign Spreads AsyncRAT Using IPFS-Hosted VHD Phishing Files

Threat hunters have revealed details of a sophisticated malware operation named DEAD#VAX, a stealth focused campaign that combines disciplined operational techniques with the abuse of legitimate Windows features to evade detection and deploy the AsyncRAT remote access trojan. According to researchers from Securonix, the campaign relies on IPFS hosted virtual hard disk files, advanced script obfuscation,

DEAD#VAX Malware Campaign Spreads AsyncRAT Using IPFS-Hosted VHD Phishing Files Read More »

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Cybersecurity researchers have identified an active phishing campaign targeting users in India as part of a suspected cyber espionage operation. The campaign delivers a multi-stage backdoor designed to provide long-term access, continuous surveillance, and data exfiltration from infected systems. According to the eSentire Threat Response Unit (TRU), the attackers are distributing phishing emails that impersonate

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware Read More »

New Phishing Attack Abuses Vercel Hosting Platform to Deliver a Remote Access Tool

A newly identified phishing campaign active between November 2025 and January 2026 has been abusing Vercel’s legitimate hosting infrastructure to distribute remote access tools to targeted victims. By combining social engineering with trusted cloud services, the attackers have significantly increased their success rate while evading traditional security defenses. The campaign relies heavily on urgency-based phishing

New Phishing Attack Abuses Vercel Hosting Platform to Deliver a Remote Access Tool Read More »

Multi Stage Phishing Campaign Targets Russia Using Amnesia RAT and Ransomware

Cybersecurity researchers have identified a sophisticated multi-stage phishing campaign actively targeting users in Russia, delivering both ransomware and a remote access trojan known as Amnesia RAT. According to a technical analysis published by Fortinet FortiGuard Labs researcher Cara Lin, the attack chain begins with carefully crafted social engineering lures delivered through business-themed documents. These files

Multi Stage Phishing Campaign Targets Russia Using Amnesia RAT and Ransomware Read More »