Typosquatted
FBI warns of fake FIFA websites running World Cup fraud schemes
The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. With the international soccer tournament set between June 11 and July 19 in the United States, Canada, and Mexico, threat […]
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. A threat actor using the account deadcode09284814 published four malicious packages on npm and embedded one of them with a non-obfuscated version of Shai-Hulud that targeted developer credentials, secrets, cryptocurrency wallet data, and […]
1Password adds pop-up warnings for suspected phishing sites
The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing account credentials with threat actors. The subscription-based password management service is widely used in the enterprise environment by many well-known organizations. Recently, Windows added support for native passkey management via 1Password. […]
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the ‘Cosmali Loader’. GeekFeed has found that multiple MAS users began reporting on Reddit [1, 2] yesterday that they received pop-up warnings on their systems about a Cosmali Loader infection. You have been infected by a malware […]