ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during which the extortionist crew allegedly gained access to Crunchbase and Betterment.…
Read OriginalA new and alarming threat has emerged in the cybersecurity landscape where attackers combine artificial intelligence with web-based attacks to transform innocent-looking webpages into dangerous phishing tools in real time. Security researchers discovered that cybercriminals are now leveraging generative AI systems to create malicious code that loads dynamically after users visit seemingly safe websites. This […] The post Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Sec...
Read OriginalThreat actors are leveraging the file-sharing service for payload delivery in AitM phishing and BEC attacks. The post Phishers Abuse SharePoint in New Campaign Targeting Energy Sector appeared first on SecurityWeek .
Read OriginalA dangerous new generation of phishing kits designed specifically for voice-based attacks has emerged as a growing threat to enterprise users across major technology platforms. Okta Threat Intelligence discovered multiple custom phishing kits available on an as-a-service basis that criminals are using in coordinated campaigns. These sophisticated tools target employees at Google, Microsoft, Okta, and […] The post New Phishing Kit As-a-service Attacking Google, Microsoft, and Okta Users appeared ...
Read OriginalCriminals can more easily pull off social engineering scams and other forms of identity fraud thanks to custom voice-phishing kits being sold on dark web forums and messaging platforms.…
Read OriginalOkta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. [...]
Read OriginalA sophisticated phishing campaign targeting PNB MetLife insurance customers has surfaced, deceiving victims through fake payment gateway pages that steal personal information and redirect them to fraudulent UPI transactions. The scam exploits the trusted reputation of PNB MetLife by creating convincing mobile-optimized payment portals that mimic legitimate premium payment services. These malicious pages accept policy […] The post Beware of PNB MetLife Payment Gateway that Steals Your Details and...
Read OriginalUnknown attackers are abusing Microsoft SharePoint file-sharing services to target multiple energy-sector organizations, harvest user credentials, take over corporate inboxes, and then send hundreds of phishing emails from compromised accounts to contacts inside and outside those organizations.…
Read OriginalSee how modern AI-driven detection can block sophisticated attacks that traditional tools miss The post Webinar Today: Rethinking Email Security for Mid-Sized Organizations appeared first on SecurityWeek .
Read OriginalPeople worldwide are being targeted by a massive spam wave originating from unsecured Zendesk support systems, with victims reporting receiving hundreds of emails with strange and sometimes alarming subject lines. [...]
Read OriginalPassword managers make great targets for attackers because they can hold many of the keys to your kingdom. Now, LastPass has warned customers about phishing emails claiming that action is required ahead of scheduled maintenance and told them not to fall for the scam. …
Read OriginalLastPass is warning of a new phishing campaign disguised as a maintenance notification from the service, asking users to back up their vaults in the next 24 hours. [...]
Read OriginalA critical security alert regarding an active phishing campaign that commenced on January 19, 2026. The malicious actors are impersonating LastPass support staff and sending fraudulent emails claiming urgent vault backup requirements to harvest master passwords from unsuspecting users. The phishing emails employ social engineering tactics by creating artificial urgency, falsely claiming that LastPass maintenance […] The post LastPass Warns of Fake Maintenance Message Tracking Users to Steal Mast...
Read OriginalPhishing succeeds not because users are careless, but because attackers exploit human timing, context, and emotion. Flare shows how modern phishing has become industrialized, scalable, and increasingly hard to spot. [...]
Read OriginalThreat actors may have wanted to take advantage of the holiday weekend in the United States to increase their chances of success. The post LastPass Users Targeted With Backup-Themed Phishing Emails appeared first on SecurityWeek .
Read Original