phishing
YouTube warns of AI-generated video of its CEO used in phishing attacks
YouTube warns that scammers are using an AI-generated video featuring the company’s CEO in phishing attacks to steal creators’ credentials. The attackers are sharing it as a private video with targeted users via emails claiming YouTube is changing its monetization policy. “We’re aware that phishers have been sharing private videos to send false videos, including […]
New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint
A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices. ClickFix is a social-engineering tactic that emerged last year, where threat actors create websites or phishing attachments that display fake errors and then prompt the user to click a button […]
EncryptHub breaches 618 orgs to deploy infostealers, ransomware
A threat actor tracked as ‘EncryptHub,’ aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks. According to a report by Prodaft, which was published internally last week and made public yesterday, since June 2024, when EncryptHub initiated operations, it has compromised at least 618 organizations. After gaining access, […]
Darcula PhaaS can now auto-generate phishing kits for any brand
The Darcula phishing-as-a-service (PhaaS) platform is preparing to release its third major version, with one of the highlighted features, the ability to create do-it-yourself phishing kits to target any brand. The upcoming release, currently available as a beta, will remove the targeting scope restrictions by offering a finite number of phishing kits and allowing anyone […]
Phishing attack hides JavaScript using invisible Unicode trick
A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). Juniper Threat Labs that spotted the attack reports that it took place in early January 2025 and carries signs of sophistication such as the use of: […]
Russian phishing campaigns exploit Signal’s device-linking feature
Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to accounts of interest. Over the past year, researchers observed phishing operations attributed to Russian state-aligned groups that used multiple methods to trick targets into linking their Signal account to a […]
Microsoft: Hackers steal emails in device code phishing attacks
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East. Microsoft Threat Intelligence Center tracks the threat […]
Hackers spoof Microsoft ADFS login pages to steal credentials
A help desk phishing campaign targets an organization’s Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. The targets of this campaign, according to Abnormal Security that discovered it, are primarily education, healthcare, and government organizations, with the attack targeting at least 150 targets. These […]
Police dismantles HeartSender cybercrime marketplace network
Law enforcement authorities in the United States and the Netherlands have seized 39 domains and associated servers used by the HeartSender phishing gang operating out of Pakistan. Also known as Saim Raza and Manipulators Team, the group has operated online cybercrime marketplaces for over a decade, selling hacking and fraud-enabling tools like phishing kits, malware, and spamming […]
Microsoft Teams phishing attack alerts coming to everyone next month
Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. Once enabled, it will display alerts when detecting phishing attacks targeting organizations that have enabled external Teams access (which allows threat actors to message any user from external domains). The company […]