Phishing Attack

Sneaky 2FA Phishing Kit Adds BitB Style Pop ups That Closely Imitate the Browser Address Bar

A new phishing campaign is leveraging advanced techniques to steal credentials from unsuspecting users. The Phishing-as-a-Service (PhaaS) kit called Sneaky 2FA has integrated Browser-in-the-Browser (BitB) functionality, making it easier for less experienced attackers to perform large-scale credential theft operations. How BitB Works Security researchers at Push Security reported that the technique is being used to […]

Sneaky 2FA Phishing Kit Adds BitB Style Pop ups That Closely Imitate the Browser Address Bar Read More »

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

Security analysts have identified a new wave of cyberattacks that rely on the ClickFix method to trick victims into running harmful commands. This activity is being monitored by eSentire under the name EVALUSION. The attackers are deploying two serious threats, the Amatera Stealer and the NetSupport RAT, through deceptive phishing pages that imitate security checks.

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT Read More »

Multi Stage Phishing Kit Uses Telegram to Steal Credentials and Evade Automated Security Checks

Phishing remains one of the most consistent cyber threats faced by organizations worldwide. Attackers continuously refine their strategies to steal credentials and sensitive data, and a recently uncovered phishing framework shows how far these tactics have evolved. Security analysts discovered a multi layered phishing system designed to impersonate Aruba S.p.A, an Italian IT and web

Multi Stage Phishing Kit Uses Telegram to Steal Credentials and Evade Automated Security Checks Read More »

Fake Chrome Extension Safery Steals Ethereum Wallet Seed Phrases via Sui Blockchain

bersecurity researchers have discovered a malicious Chrome extension masquerading as a legitimate Ethereum wallet that secretly steals users’ seed phrases through an advanced blockchain-based exfiltration technique. The extension, named “Safery: Ethereum Wallet,” was falsely promoted as a secure Ethereum wallet for managing cryptocurrency with customizable settings. It was first uploaded to the Chrome Web Store

Fake Chrome Extension Safery Steals Ethereum Wallet Seed Phrases via Sui Blockchain Read More »

Google Files Lawsuit Against China-Based Hackers Operating $1 Billion Lighthouse Phishing Network

Google has filed a civil suit in the U.S. District Court for the Southern District of New York against China-based operators of a large Phishing-as-a-Service platform called Lighthouse, alleging the network has ensnared over 1 million victims across 120 countries and generated more than $1 billion in illicit revenue over three years. The complaint seeks

Google Files Lawsuit Against China-Based Hackers Operating $1 Billion Lighthouse Phishing Network Read More »

Large-Scale ClickFix Phishing Campaign Targets Hotel Systems Using PureRAT Malware

A widespread phishing operation is targeting the hospitality sector, tricking hotel staff and guests into revealing sensitive credentials and payment data. The campaign uses compromised email accounts to impersonate legitimate booking platforms, then redirects victims to ClickFix-style pages that ultimately deliver PureRAT, a modular remote access trojan. Security firms link the activity to attacks active

Large-Scale ClickFix Phishing Campaign Targets Hotel Systems Using PureRAT Malware Read More »

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unidentified threat actor, aligned with Russian interests, has been discovered impersonating the cybersecurity firm ESET in a sophisticated phishing campaign against Ukrainian targets. The attacks, detected in May 2025, involved distributing malicious software installers that deployed a stealthy backdoor known as Kalambur. Deceptive Phishing Lures and Communication Channels The group, tracked by ESET

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine Read More »

New Business Email Protection Method Blocks Phishing Attack Behind NPM Breach

A highly sophisticated phishing campaign successfully targeted high-profile developers on the NPM registry in September 2025, leading to one of the most significant supply chain attacks in its history. The attackers combined convincing social engineering with technical precision to steal credentials and inject malicious code into widely used packages, ultimately aiming to hijack cryptocurrency transactions.

New Business Email Protection Method Blocks Phishing Attack Behind NPM Breach Read More »

Google Warns of Threat Actors Using Fake Job Postings to Spread Malware and Steal Credentials

Cybercriminals have adopted an advanced social engineering approach that takes advantage of the trust job seekers place in employment platforms, as highlighted in a new Google security advisory. Targeting Through Deceptive Recruitment Websites A financially driven threat group based in Vietnam, identified as UNC6229, has been targeting professionals in the digital advertising and marketing sectors.

Google Warns of Threat Actors Using Fake Job Postings to Spread Malware and Steal Credentials Read More »

Smishing Triad Connected to 194,000 Malicious Domains in Worldwide Phishing Campaign

A major ongoing smishing campaign has been traced to over 194,000 malicious domains since January 1, 2024, targeting a wide variety of services around the world, according to recent research from Palo Alto Networks Unit 42. Although many of these domains are registered through a Hong Kong-based registrar and utilize Chinese nameservers, the bulk of

Smishing Triad Connected to 194,000 Malicious Domains in Worldwide Phishing Campaign Read More »