phishing
Europol-coordinated action disrupts Tycoon2FA phishing platform
An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service (PhaaS) platform linked to tens of millions of phishing messages each month. In total, 330 domains part of the criminal service’s backbone infrastructure (including control panels and phishing pages) were seized and taken offline during this joint action. “The technical disruption was […]
Microsoft: Hackers abuse OAuth error flows to spread malware
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. The attacks target government and public-sector organizations with phishing links that prompt users to authenticate to a malicious application, Microsoft Defender researchers say. with e-signature requests, Social Security notices, meeting invitations, password resets, […]
Fake Google Security site uses PWA app to steal credentials, MFA codes
A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims’ browsers. The attack leverages Progressive Web App (PWA) features and social engineering to deceive users into believing they are interacting with a legitimate Google […]
Phishing campaign targets freight and logistics orgs in the US, Europe
A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. In a campaign that has been running since September 2025, the threat actor has stolen 1,649 unique credentials from platforms and service providers critical in the freight industry. Some of […]
Ad tech firm Optimizely confirms data breach after vishing attack
New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack. Optimizely has nearly 1,500 employees across 21 global offices, and its customer list includes over 10,000 businesses, including high-profile brands like H&M, PayPal, Zoom, Toyota, […]
Police arrests 651 suspects in African cybercrime crackdown
African law enforcement agencies arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. As INTERPOL revealed on Wednesday, Operation Red Card 2.0 identified 1,247 victims between December 8 and January 30 while targeting cybercrime operations linked to over $45 million in financial […]
Nigerian man gets eight years in prison for hacking tax firms
A Nigerian national was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. 37-year-old Matthew Abiodun Akande was arrested in October 2024 at London’s Heathrow Airport and extradited to the United States in March 2025. He was indicted by a federal […]
Hackers target Microsoft Entra accounts in device code vishing attacks
Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device Authorization flow and compromise Microsoft Entra accounts. Unlike previous attacks that utilized malicious OAuth applications to compromise accounts, these campaigns instead leverage legitimate Microsoft OAuth client IDs and the […]
Microsoft: Anti-phishing rules mistakenly blocked emails, Teams messages
Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns. As Microsoft explains in a preliminary post-incident report published this week, a software error in its email security system incorrectly flagged thousands of legitimate URLs as phishing links for nearly a week, […]
Snail mail letters target Trezor and Ledger users in crypto-theft attacks
Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets, to trick users into submitting recovery phrases in crypto theft attacks. These phishing letters claim recipients must complete a mandatory “Authentication Check” or “Transaction Check” to avoid losing access to wallet functionality, creating a sense of urgency […]