FIFA World Cup Phishing Scam Uses Fake Reward Pages to Steal Credit Card Data
A sophisticated email phishing campaign exploiting the global excitement around the 2026 FIFA World Cup is deceiving fans with counterfeit reward pages desig...
20 articles
A sophisticated email phishing campaign exploiting the global excitement around the 2026 FIFA World Cup is deceiving fans with counterfeit reward pages desig...
A targeted campaign that delivers the Ousaban banking Trojan to users in Spain and Portugal using sophisticated server-side geofencing and multi-stage delive...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hija...
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spann...
A focused phishing campaign operated by a previously unreported APT we’ve named Armored Likho (also tracked under the provisional alias Eagle Werewolf).
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including s...
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power secto...
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake...
Google disrupted NetNut, a major proxy network that routed internet traffic through compromised home devices used by cybercriminals. Google has disrupted Net...
NetNut rented access to millions of compromised devices, allowing cybercriminals and nation-state actors to mask their identities during attacks. The post Go...
A widescale escalation in the PolinRider supply‑chain campaign: threat actors have compromised GitHub maintainer accounts to publish infected package version...
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email corres...
A wide-reaching campaign in which attackers abused the legitimate remote administration tool ScreenConnect to deploy AsyncRAT via faux software installers. T...
A sophisticated phishing campaign that uses a fake invoice PDF to mask the delivery of multiple remote access trojans primarily AsyncRAT, but also VenomRAT a...
A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million l...
This activity is part of a large, multi-language campaign that distributes malicious installer archives hosted on spoofed websites, according to a recent rep...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute...
Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "...
An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. [.
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in ...