PhishLumos: Exposing phishing campaigns that evade detection by hiding content
Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and autho...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
367 articles found
Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and autho...
A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as “SearchJack” has quietly hijacked the default search settings of roughly 758,0...
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses.
A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages
APT37 is using NarwhalRAT in a tightly engineered intrusion chain that starts with Microsoft-themed spear-phishing, pivots through malicious LNK files and Po...
Poland has warned that Ghostwriter, the Belarus-linked hacker group, has expanded its phishing operations to target personal Gmail accounts belonging to seni...
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider ...
A newly disclosed Agentjacking attack class can silently weaponize AI coding agents against the very developers who rely on them, requiring no phishing, no s...
Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking v...
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to ...
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and...
An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian ...
Phishing activity declined by roughly 20% in both 2024 and 2025, according to research from Zscaler’s ThreatLabz team. The drop followed years of growth that...
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. T...
Group-IB, INTERPOL and Algerian Police dismantle decade-old SniperDZ phishing network used to steal credentials, with its alleged developer arrested.
Proxmox Mail Gateway 9.1 adds updated system components, changes to the spam quarantine interface, and encryption for backups.
A wave of phishing campaigns across the Middle East and North Africa exposes a sophisticated, centralized fraud ecosystem operating under the SniperDz banner.
New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation
I’ve spent the past two years working on incident response and threat intelligence, and the pattern I’m about to describe is one I keep seeing show up in cas...
Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyb...