Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Campaigns

20 articles

GBHackers Campaigns 4d ago

FIFA World Cup Phishing Scam Uses Fake Reward Pages to Steal Credit Card Data

A sophisticated email phishing campaign exploiting the global excitement around the 2026 FIFA World Cup is deceiving fans with counterfeit reward pages desig...

T1566

GBHackers →

GBHackers Campaigns Oracle 4d ago

Hackers Use Server-Side Geofencing to Deliver Ousaban Banking Trojan in Spain and Portugal

A targeted campaign that delivers the Ousaban banking Trojan to users in Spain and Portugal using sophisticated server-side geofencing and multi-stage delive...

T1566

GBHackers →

Security Affairs Campaigns 5d ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hija...

Security Affairs →

The Hacker News Campaigns Google 6d ago

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spann...

The Hacker News →

GBHackers Campaigns 6d ago

Armored Likho APT Deploys BusySnake Stealer Against Government and Power Sector Targets

A focused phishing campaign operated by a previously unreported APT we’ve named Armored Likho (also tracked under the provisional alias Eagle Werewolf).

T1566

GBHackers →

BleepingComputer Campaigns Google Jul 3

NetNut proxy network disrupted, 2 million infected devices cut off

A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including s...

BleepingComputer →

The Hacker News Campaigns Jul 3

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power secto...

The Hacker News →

Kaspersky Securelist Campaigns Jul 3

Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign

An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake...

T1566

Kaspersky Securelist →

Security Affairs Campaigns Google Jul 3

Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut

Google disrupted NetNut, a major proxy network that routed internet traffic through compromised home devices used by cybercriminals. Google has disrupted Net...

Security Affairs →

SecurityWeek Campaigns Google Jul 3

Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices

NetNut rented access to millions of compromised devices, allowing cybercriminals and nation-state actors to mask their identities during attacks. The post Go...

SecurityWeek →

GBHackers Campaigns Google GitHub Jul 3

Hackers Compromise GitHub Maintainer Accounts to Publish PolinRider-Infected Package Versions

A widescale escalation in the PolinRider supply‑chain campaign: threat actors have compromised GitHub maintainer accounts to publish infected package version...

GBHackers →

The Hacker News Campaigns Google Jul 2

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email corres...

The Hacker News →

GBHackers Campaigns Jul 2

Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers

A wide-reaching campaign in which attackers abused the legitimate remote administration tool ScreenConnect to deploy AsyncRAT via faux software installers. T...

GBHackers →

GBHackers Campaigns Cloudflare Jul 2

Phishing Campaign Uses Fake Invoice PDF to Drop AsyncRAT, VenomRAT, and XWorm

A sophisticated phishing campaign that uses a fake invoice PDF to mask the delivery of multiple remote access trojans primarily AsyncRAT, but also VenomRAT a...

T1566

GBHackers →

GBHackers Campaigns Microsoft Jul 2

LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts

A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million l...

GBHackers →

SC Media Campaigns Jul 1

ScreenConnect abused to deploy AsyncRAT in widespread campaign

This activity is part of a large, multi-language campaign that distributes malicious installer archives hosted on spoofed websites, according to a recent rep...

SC Media →

BleepingComputer Campaigns GitHub Jul 1

New ChocoPoC malware targets researchers via trojanized PoC exploits

Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute...

BleepingComputer →

The Hacker News Campaigns Microsoft Jul 1

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "...

The Hacker News →

BleepingComputer Campaigns Microsoft Jul 1

Hackers target Microsoft 365 accounts with 81 million login attempts

An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. [.

BleepingComputer →

The Hacker News Campaigns Microsoft Fortinet Jul 1

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in ...

T1566

The Hacker News →

«Previous page 1 2 3 4 5 6 ... 31 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA