Phishing Attack

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Fuel Global SMS and Crypto Fraud

Security researchers have identified an extensive telecommunications fraud operation deploying deceptive verification techniques to deceive mobile phone users into sending premium-rate international text messages, generating substantial illegal revenue for criminals controlling the receiving phone numbers. Cybersecurity firm Infoblox published comprehensive analysis revealing a telecommunications revenue-share fraud campaign involving elaborate social engineering tactics combined with malicious […]

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Fuel Global SMS and Crypto Fraud Read More »

n8n Webhooks Exploited Since October 2025 to Spread Malware Through Phishing Emails

Cybersecurity specialists have identified a significant vulnerability in how workflow automation platforms are being weaponized by criminal organizations. Since the latter part of 2025, malicious actors have systematically exploited n8n—a widely-used cloud-based process automation solution—to conduct elaborate phishing schemes and deploy harmful software. Researchers from Cisco’s threat intelligence division documented the concerning trend in a

n8n Webhooks Exploited Since October 2025 to Spread Malware Through Phishing Emails Read More »

UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware

A newly identified cyber threat cluster, UAT-10362, has been linked to targeted spear-phishing attacks aimed at organizations in Taiwan, including non-governmental organizations (NGOs) and academic institutions. The campaign deploys a previously unknown malware framework called LucidRook. Security researchers from Cisco Talos revealed that the operation was first detected in October 2025 and demonstrates a high

UAT-10362 Launches Spear-Phishing Campaigns Targeting Taiwanese NGOs with LucidRook Malware Read More »

Silver Fox Expands Asia-Focused Cyber Campaign Using AtlasCross RAT and Fake Domains

A sophisticated cybercrime group known as Silver Fox, also tracked as SwimSnake, Valley Thief, UTG-Q-1000, and Void Arachne, has escalated its operations in Asia using a previously undocumented remote access trojan (RAT) named AtlasCross RAT. The campaign specifically targets Chinese-speaking users by leveraging typosquatted domains impersonating trusted software brands. Attack Vectors and Targeted Applications The group is

Silver Fox Expands Asia-Focused Cyber Campaign Using AtlasCross RAT and Fake Domains Read More »

AitM Phishing Attack Targets TikTok Business Accounts by Bypassing Cloudflare Turnstile Security

Cybersecurity researchers have uncovered a sophisticated phishing campaign designed to compromise TikTok for Business accounts using advanced adversary-in-the-middle (AitM) techniques. The operation, identified by Push Security, highlights how attackers are evolving their tactics to bypass modern security defenses. Business Accounts Become High-Value Targets Accounts linked to social media platforms are increasingly attractive to cybercriminals. Once compromised,

AitM Phishing Attack Targets TikTok Business Accounts by Bypassing Cloudflare Turnstile Security Read More »

Device Code Phishing Targets 340+ Microsoft 365 Organizations Across Five Countries via OAuth Abuse

A widespread device code phishing campaign is actively targeting Microsoft 365 identities in more than 340 organizations across the U.S., Canada, Australia, New Zealand, and Germany. According to Huntress researchers, the campaign was first observed on February 19, 2026, and has accelerated since. The threat actors exploit Cloudflare Workers redirects combined with Railway.com PaaS infrastructure to turn legitimate authentication flows into credential-harvesting mechanisms. Targeted

Device Code Phishing Targets 340+ Microsoft 365 Organizations Across Five Countries via OAuth Abuse Read More »

Microsoft Warns IRS Phishing Campaign Hits 29,000 Users and Deploys RMM Malware

Microsoft has issued a warning about a surge in phishing attacks exploiting the U.S. tax season, with cybercriminals targeting tens of thousands of users to steal sensitive data and deploy remote access malware. According to recent threat intelligence findings, attackers are leveraging tax-related themes to trick victims into engaging with malicious emails. These messages often

Microsoft Warns IRS Phishing Campaign Hits 29,000 Users and Deploys RMM Malware Read More »

FBI Warns of Russian Hackers Targeting Signal and WhatsApp in Large Scale Phishing Attacks

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about ongoing phishing attacks carried out by Russian-aligned threat actors. These campaigns are targeting widely used messaging platforms such as WhatsApp and Signal to compromise high-value individuals. Who Is Being Targeted The attacks primarily focus on individuals

FBI Warns of Russian Hackers Targeting Signal and WhatsApp in Large Scale Phishing Attacks Read More »

Konni Spreads EndRAT via Phishing and Uses KakaoTalk to Distribute Malware

Cybersecurity researchers have identified a new cyber espionage campaign carried out by the North Korean threat group Konni. The attackers are using phishing emails to compromise victims and then leveraging the popular messaging platform KakaoTalk to distribute malware to additional targets. The activity was analyzed by South Korean cybersecurity company Genians, whose researchers observed a multi stage attack designed

Konni Spreads EndRAT via Phishing and Uses KakaoTalk to Distribute Malware Read More »

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes

Cybersecurity researchers have demonstrated how an artificial intelligence powered web browser can be manipulated into executing a phishing scam in just a few minutes. The attack targeted the Comet AI browser developed by Perplexity, highlighting emerging risks in agentic AI browsing technologies. Agentic browsers use artificial intelligence to automatically interact with websites, complete tasks, and make

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes Read More »