Phishing Attack

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns

Cybersecurity teams have uncovered a coordinated campaign that compromises WordPress websites to inject malicious JavaScript, with the goal of redirecting visitors to fraudulent, malware laden pages. These drive by injections impersonate legitimate checks, tricking users into following steps that ultimately deliver malware or credential theft. What researchers found, and how the injection works Researchers at […]

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns Read More »

BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers

Researchers at Aryaka Threat Research Labs, Aditya K Sood and Varadharajan K, report that attackers impersonate recruiters, sending seemingly legitimate job descriptions and corporate documents that conceal malicious payloads. These lures are designed to look authentic, encouraging recipients to open files that initiate a multi-stage infection. How the attack works The campaign commonly uses ZIP

BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers Read More »

Hackers Exploit Milesight Routers to Send Phishing SMS to Users in Europe

Unknown threat actors have abused Milesight industrial cellular routers to send phishing SMS messages, or smishing, targeting users across several European countries since at least February 2022. French cybersecurity firm SEKOIA reports that attackers leveraged exposed router APIs to distribute malicious links, with a focus on Sweden, Italy, and Belgium. The campaigns impersonated government services,

Hackers Exploit Milesight Routers to Send Phishing SMS to Users in Europe Read More »

SVG Files Weaponized to Deliver PureMiner, Steal Sensitive Information

A recent phishing campaign targeting Ukrainian organizations abuses Scalable Vector Graphics, SVG, files as the initial infection vector. The attackers use embedded HTML, spoofed interfaces, and chained fileless stages to deliver two payloads, PureMiner, and Amatera Stealer. The campaign relies on user deception, legitimate tools, and memory-only execution to evade detection and harvest credentials, browser

SVG Files Weaponized to Deliver PureMiner, Steal Sensitive Information Read More »

Researchers Reveal Phishing Campaigns Distributing CountLoader and PureRAT

Researchers have uncovered a new phishing campaign that impersonates Ukrainian government organizations to distribute CountLoader, which subsequently delivers Amatera Stealer and PureMiner. According to Fortinet FortiGuard Labs researcher Yurren Wan, “The phishing emails carry malicious Scalable Vector Graphics (SVG) files designed to deceive recipients into opening dangerous attachments.” In the attack scenarios analyzed by cybersecurity

Researchers Reveal Phishing Campaigns Distributing CountLoader and PureRAT Read More »

17,500 Phishing Domains Target 316 Brands Across 74 Countries Amid Global PhaaS Surge

A recent surge in phishing-as-a-service (PhaaS) activity has linked over 17,500 phishing domains to 316 brands across 74 countries. The platforms behind this activity, known as Lighthouse and Lucid, are making large-scale phishing campaigns more accessible to cybercriminals. Netcraft reported that “PhaaS deployments have risen significantly recently. Operators charge monthly fees for phishing software with

17,500 Phishing Domains Target 316 Brands Across 74 Countries Amid Global PhaaS Surge Read More »

Chinese TA415 leverages VS Code remote tunnels to spy on U.S. economic policy experts

According to an analysis by Proofpoint, the intrusions impersonated senior figures and organizations involved in U.S.-China relations, including the Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party, and the U.S.-China Business Council. The emails specifically targeted people working on trade, economic policy, and bilateral relations, implying

Chinese TA415 leverages VS Code remote tunnels to spy on U.S. economic policy experts Read More »

New FileFix variant spreads StealC malware via multilingual phishing site

Cybersecurity researchers are tracking a fresh campaign that uses a new FileFix variant to deliver the StealC information stealer malware. The attack relies on a convincing, multilingual phishing site, advanced obfuscation, and anti-analysis tricks to avoid detection, according to an Acronis researcher, Eliad Kimhy, in a report shared with The Hacker News. How the attack

New FileFix variant spreads StealC malware via multilingual phishing site Read More »

VirusTotal Detects 44 SVG Files Abused to Deliver Base64-Encoded Phishing Pages

Cybersecurity researchers have uncovered a sophisticated phishing campaign abusing Scalable Vector Graphics (SVG) files to spread malicious content disguised as official documents from the Colombian judicial system. According to a report from VirusTotal, the attackers distribute the SVG files through email. These files contain hidden JavaScript code that decodes and loads a Base64-encoded phishing page

VirusTotal Detects 44 SVG Files Abused to Deliver Base64-Encoded Phishing Pages Read More »

Threat Actors Target PayPal Users with New Account Profile Setup Scam

A new and sophisticated phishing campaign is currently targeting PayPal users, exploiting deceptive emails titled “Set up your account profile” to compromise accounts through a clever secondary user addition scheme. This scam uses advanced email spoofing and psychological manipulation to bypass traditional security measures, marking a notable evolution in online financial fraud. The fraudulent emails

Threat Actors Target PayPal Users with New Account Profile Setup Scam Read More »