Linux Foundation leader impersonated in Slack phishing campaign
The campaign targets open-source developers to steal credentials and deploy malware.
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1566 — Phishing (Initial Access)
Clear filter133 articles found
Poisoned “Office 365” search results lead to stolen paychecks
A financially motivated hacking group is targeting Canadian employees with a sophisticated campaign designed to covertly redirect their salary payments into ...
UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions
LucidRook is Lua malware used in phishing attacks on NGOs and universities in Taiwan, linked to UAT-10362, spread via password-protected emails. LucidRook is...
GitHub, GitLab Abused for Malware and Phishing Campaigns
Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive...
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
I spotted an interesting piece of JavaScript code that was delivered via a phishing email in a RAR archive. The file was called “cbmjlzan.
Hackers have been exploiting an unpatched Adobe Reader vulnerability for months
Adobe Reader vulnerabilities have been exploited for decades by threat actors taking advantage of the universal use of the utility to fool employees into dow...
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. [.
New VENOM phishing attacks steal senior executives' Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials of C-suite executives across mu...
Actor tied to Raccoon targets 'several dozen' companies by exploiting BPOs and helpdesks
Google says UNC6783 leverages social engineering and phishing campaigns to gain entry to the BPOs.
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations ...
When attackers already have the keys, MFA is just another door to open
Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—b...
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastruct...
Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group
A spear-phishing campaign which spread across the Middle East between 2023 and 2024 has now been linked to Bitter APT group
Fake Security Tool Spreads LucidRook in Taiwan Cyberattacks
Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, LucidRook, against organizations in Taiwa...
Meta Business Alerts Abused for Phishing Campaigns
Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing tru...
Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure
Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. ...
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-00...
Two prominent Egyptian journalists targeted with elaborate spearphishing campaign
Digital civil rights nonprofit Access Now released a report on the findings with the mobile security company Lookout on Wednesday, saying they saw evidence t...
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its all...
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end‑to‑end factory for Business Email Compro...