A China-linked threat group called Silver Dragon has been targeting government and high-profile organizations across Southeast Asia and Europe since at least mid-2024. Operating under the umbrella of APT41, the group breaks into networks by exploiting public-facing internet servers and sending phishing emails with malicious attachments. Once inside, it uses custom tools to steal data, […] The post Silver Dragon APT Group Targets Europe, Asia Using Google Drive for Covert Communication appeared f...
The attackers are sending out fake alerts claiming unauthorized access or master password changes. The post LastPass Warns of New Phishing Campaign appeared first on SecurityWeek .
Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
A new active phishing attack that exploits OAuth’s legitimate redirection behavior, allowing it to bypass traditional email and browser defenses without stealing any tokens. According to Microsoft Defender researchers, the campaigns primarily target government and public-sector organizations, using trusted identity provider domains to mask malicious redirects. Unlike traditional phishing that relies on credential theft or […] The post Microsoft Warns of New Phishing Attack Exploiting OAuth in En...
Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a commoditized market for hacked site management panels. [...]
Microsoft has warned organizations about ongoing OAuth abuse scams that use phishing emails and URL redirects to infect victims' machines with malware and take over their devices.…
A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims' browsers. [...]
Cybersecurity researchers at Infoblox Threat Intel have uncovered a highly sophisticated phishing campaign that exploits the foundational plumbing of the internet to bypass enterprise security controls. In a novel evasion tactic, threat actors are weaponizing the .arpa top-level domain (TLD) and utilizing IPv6 tunnels to host malicious phishing content. This approach actively circumvents traditional domain reputation checks, […] The post Phishing Schemes Abuse .arpa TLD and IPv6 Tunnels to Evade...
It's Friday, let's have a look at another simple piece of malware to close a busy week! I received a Fedex notification about a delivery. Usually, such emails are simple phishing attacks that redirect you to a fake login page to collect your credentials. Here, it was a bit different:
Source: Schneier on SecurityPublished:
2026-02-27 12:04
Summary enhanced with Google Gemini
Matched on:phishing
This is new. North Korean hackers are posing as company recruiters, enticing job candidates to participate in coding challenges. When they run the code they are supposed to work on, it installs malware on their system. News article .
Varonis Threat Labs reveals 1Campaign, a platform used to trick Google Ads and hide phishing pages. Learn how this cloaking tool targets real users while evading security.
A newly uncovered phishing campaign is delivering Agent Tesla, one of the most widely used credential-stealing malware families, through a multi-stage attack chain that leaves almost no trace on a victim’s machine. The campaign uses business-themed phishing emails, obfuscated scripts, and in-memory execution to silently harvest sensitive data from Windows users. With its ability to […] The post Phishing‑Led Agent Tesla Campaign Uses Process Hollowing and Anti‑Analysis to Evade Detection appeared...