Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took plac...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1204 — User Execution (Execution)
Clear filter43 articles found
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom...
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks
EvilTokens abuses Microsoft device code flow for account takeovers
A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia rese...
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with...
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how VPN abuse, ...
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration
WhatsApp malware campaign uses malicious VBS files to gain persistent access
Microsoft is warning WhatsApp users of a new malware campaign that tricks them into executing malicious Visual Basic Script (VBS) files, ultimately enabling ...
Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests
Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservati...
Apple counters ClickFix attacks with macOS Terminal warning
Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm.
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks.
DeepLoad Malware Uses ClickFix and AI Evasion to Hit Enterprise Networks
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix tech...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad.
Fake Cloudflare CAPTCHA Pages Deliver Infiniti Stealer Malware on macOS
A newly discovered macOS infostealer dubbed Infiniti Stealer is being actively distributed through deceptive Cloudflare-style CAPTCHA pages, marking a notabl...
Was ist Social Engineering?
Mit Social-Engineering-Techniken manipulieren Cyberkriminelle die menschliche Psyche. Lesen Sie, wie das funktioniert und wie Sie sich schützen können.
Fake npm Install Messages Conceal RAT Malware in New Open Source Supply Chain Attack
Fake npm install messages are the latest social engineering trick in the open source supply chain, with attackers abusing npm post‑install scripts to silentl...
ClickFix Campaigns Targeting Windows and macOS
Insikt Group reveals five ClickFix social engineering clusters (QuickBooks, Booking.com, Birdeye) targeting Windows and macOS.
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method.
Boggy Serpens Threat Assessment
Iranian threat group Boggy Serpens' cyberespionage evolves with AI-enhanced malware and refined social engineering. Unit 42 details their persistent targeting.
Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
The Rapid7 MDR team is currently monitoring an increase in phishing campaigns where threat actors (TAs) impersonate internal IT departments via Microsoft Tea...