Rokarolla Uses Fake Google Play Protect App to Target Banking and Cryptocurrency Users
Rokarolla, a sophisticated Android banking trojan distributed via malicious websites that masquerade as trusted applications such as TikTok, Google Chrome an...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
367 articles found
Rokarolla, a sophisticated Android banking trojan distributed via malicious websites that masquerade as trusted applications such as TikTok, Google Chrome an...
FBI warns Russian spies now target Signal Backup Recovery Keys, enabling access to message history and long-term account takeover.
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Thr...
The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recover...
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax tar...
CISA and the Federal Bureau of Investigation (FBI) issued an updated Public Service Announcement (PSA) warning of Russian Intelligence Services (RIS) cyber t...
Scammers are increasingly exploiting Shopify’s ecosystem and its Shop order-tracking app to deliver fraudulent invoices directly into users’ purchase histori...
An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP file...
Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal cre...
The kit includes Cloaked.gg, which displays benign sites to detected scanners and sandboxes.
Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them in...
The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle...
It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, truste...
Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark...
A concise but sophisticated phishing campaign that targeted AWS console users by abusing Cloudflare-hosted domains to deliver adversary-in-the-middle (AiTM) ...
A sophisticated malware campaign that combined a phishing lure, an obfuscated Windows JavaScript dropper, a malicious Google Chrome extension and a Native Me...
The Huntress report highlights how EvilTokens operates like a modern tech startup, offering sophisticated phishing capabilities through subscription tiers ra...
An Algerian national accused of running online marketplaces that sold phishing kits and fraud tools has been extradited from Spain to the United States to fa...
Healthcare technology company Xsolis confirmed that a phishing attack resulted in unauthorized access to its network. The company develops AI-powered softwar...
An active phishing campaign that impersonates Microsoft Teams to trick victims into downloading a legitimately signed remote access tool (RAT) preconfigured ...