Attackers abuse Google Ads, GitLab, and Claude to deliver malware
Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, to trick users into executing malicious co...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
98 articles found
Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, to trick users into executing malicious co...
A recent engagement demonstrates how persuasive pretexts and careful reconnaissance let attackers bypass technical controls by exploiting human trust at the ...
Malicious LNK files masquerading as job resumes are being used in targeted campaigns against corporate employees, combining social engineering with multi-sta...
A sophisticated ClickFix social engineering campaign in May 2026 triggered a full hands-on-keyboard intrusion spanning 11 hosts, deploying a novel trio of ma...
Rokarolla, a new Android banking trojan named after its Command-and-Control (C2) infrastructure, that combines sophisticated social engineering, broad permis...
A recent intrusion demonstrates how threat actors are shifting toward scripting runtimes to evade traditional detection: attackers delivered a modular Remote...
A concentrated data theft extortion campaign by UNC3753 also reported as Luna Moth, Chatty Spider, and Silent Ransom Group targeting dozens of U.S.
APT37 is using NarwhalRAT in a tightly engineered intrusion chain that starts with Microsoft-themed spear-phishing, pivots through malicious LNK files and Po...
An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian ...
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down fiv...
The attack on Tchap, a platform developed for the French public sector, reportedly involved a social engineering attack that compromised a user account.
Cybercriminals are increasingly reshaping familiar social-engineering campaigns around the way employees use AI, with separate advisories from Microsoft and ...
Threat actors are increasingly weaponizing the global fascination with large language models and generative AI by impersonating major AI brands ChatGPT, Anth...
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attack...
Meta claims it disrupted spear-phishing attempts linked to NSO Group and is asking a US federal court to hold the spyware vendor in contempt for allegedly vi...
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. T...
A newly observed extortion brand called Pink (CL-CRI-1147) that is actively targeting enterprise users to harvest cloud storage credentials and bypass multi-...
The Silent Ransom Group extortion gang is actively targeting U.S.
Written by: Chad Reams, Tufail Ahmed, Keith Knapp, Ashley Frazer, Tyler McLellan Introduction From January through May 2026, Mandiant identified a financiall...
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Grou...