Phishing Attack

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft has issued an alert regarding a sophisticated multi-stage adversary-in-the-middle (AitM) phishing campaign combined with business email compromise (BEC) activity, primarily targeting organizations operating in the energy sector. According to the Microsoft Defender Security Research Team, the attackers exploited SharePoint file-sharing services to distribute phishing content while creating inbox rules to remain persistent and avoid […]

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Cybersecurity experts have revealed a sophisticated dual-phase phishing campaign that uses stolen login credentials to install legitimate Remote Monitoring and Management (RMM) software, giving attackers long-term control over compromised systems. According to researchers at KnowBe4 Threat Labs, Jeewan Singh Jalal, Prabhakaran Ravichandhiran, and Anand Bodke, attackers are now bypassing traditional security defenses by leveraging trusted

LastPass Alerts Users About Fake Maintenance Messages Targeting Master Passwords

LastPass has issued a warning about a new phishing campaign designed to steal users’ master passwords by impersonating the popular password management service.
How the Phishing Campaign Works
The campaign, active since around January 19, 2026, sends emails claiming upcoming maintenance and urging users to create a local backup of their password vaults within 24 hours. The phishing emails carry subject

LOTUSLITE Backdoor Targets U.S. Policy Entities Through Venezuela-Themed Spear Phishing

Cybersecurity researchers have revealed a new malware campaign aimed at U.S. government and policy organizations, using politically themed lures to deliver a backdoor called LOTUSLITE. The campaign exploits geopolitical tensions between the U.S. and Venezuela. Attackers distributed a ZIP archive named “US now deciding what’s next for Venezuela.zip”, which contains a malicious DLL. This DLL is executed

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors

Cybersecurity researchers have uncovered a new spear-phishing campaign linked to the Iranian threat actor MuddyWater, also known by multiple aliases, targeting critical sectors across the Middle East. The operation delivers a Rust-based remote access trojan called RustyWater, signaling a continued shift toward more advanced and stealthy malware frameworks.
Campaign Overview
According to a

FBI Warns of North Korean Hackers Using Malicious QR Codes in Spear-Phishing Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a new advisory warning that North Korean state-sponsored threat actors are actively using malicious QR codes in spear-phishing campaigns targeting organizations across the United States. According to the FBI, as of 2025, actors linked to the Kimsuky threat group have targeted think tanks, academic institutions, and both U.S.

Microsoft Warns That Misconfigured Email Routing Can Enable Internal Domain Phishing

Microsoft has issued a warning that threat actors are exploiting misconfigured email routing and weak spoofing protections to carry out phishing attacks that appear to originate from within an organization’s own domain. According to the Microsoft Threat Intelligence team, attackers are abusing these routing weaknesses to deliver phishing emails that impersonate internal communications. These messages

Fake Booking Emails Lure Hotel Staff to BSoD-Themed Pages Delivering DCRat Malware

Cybersecurity experts have uncovered a new phishing campaign targeting the European hospitality industry, where hotel staff are deceived through fake Booking.com emails that lead to malicious software installation. The operation, tracked under the name PHALT#BLYX, relies on deceptive ClickFix-style techniques combined with fake system error messages. Researchers from cybersecurity firm Securonix reported that the campaign

Cybercriminals Exploit Google Cloud Email Feature in Multi-Stage Phishing Campaign

Cybersecurity experts have uncovered a large-scale phishing operation in which threat actors abused a legitimate Google Cloud feature to send deceptive emails that appeared to originate directly from Google infrastructure. According to findings shared by Check Point, attackers misused Google Cloud’s Application Integration service, specifically its built-in email notification capability, to distribute phishing messages from a genuine

Silver Fox Targets Indian Users Using Tax-Themed Emails to Deliver ValleyRAT Malware

Cybersecurity researchers have identified a new phishing campaign targeting users in India, carried out by the China-linked threat actor known as Silver Fox. The operation uses income tax-related email lures to distribute ValleyRAT, a modular remote access trojan also referred to as Winos 4.0. According to an analysis published by CloudSEK, the attack relies
