New AITM phishing wave hijacks TikTok Business accounts
A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams. Push S...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1189 — Drive-by Compromise (Initial Access)
Clear filter8 articles found
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a repo...
Trojanized ConnectWise ScreenConnect installers deployed in tax-themed malvertising campaign
Intrusions weaponizing searches for illicit tax-related documents to spread trojanized ConnectWise ScreenConnect installers that facilitate a bring your own ...
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.
Free real estate: GoPix, the banking Trojan living off your memory
Kaspersky GReAT experts describe the unprecedentedly complex Brazilian banking Trojan GoPix that employs memory-only implants, Proxy AutoConfig (PAC) files f...
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
AI-aided malvertising: Exploiting a chatbot to spread scams
Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.