Email Security News Feed

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect

AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication. The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on SecurityWeek.

New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell

In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to deploy an advanced in-memory implant dubbed MixShell. This threat actor reverses traditional phishing workflows by initiating contact through corporate “Contact Us” web forms, prompting victims to reach out first. Once […]

Home Assistant + Ubiquiti + AI = Home Automation Magic

It seems like every manufacturer of anything electrical that goes in the house wants to be part of the IoT story these days. Further, they all want their own app, which means you have to go to gazillions of bespoke software products to control your things. And they're

ZipLine attack uses 'Contact Us' forms, White House butler pic to invade sensitive industries

Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing — and a photo of White House butlers. …

New Attack Targeting ScreenConnect Cloud Administrators to Steal Login Credentials

A sophisticated credential harvesting campaign has emerged targeting ScreenConnect cloud administrators with spear phishing attacks designed to steal super administrator credentials. The ongoing operation, designated MCTO3030, has maintained consistent tactics since 2022 while operating largely undetected through low-volume distribution strategies that send up to 1,000 emails per campaign run. The campaign specifically targets senior IT […]

APT36 Hackers Attacking Indian BOSS Linux Systems With Weaponized .desktop Shortcut Files

In early August 2025, security researchers uncovered an unprecedented campaign targeting India’s BOSS Linux installations through seemingly innocuous shortcut files. These files, masquerading as PDF documents, leverage the .desktop format intrinsic to Linux desktop environments to deliver and execute malicious payloads. Initial access is gained via spear-phishing emails containing a ZIP archive named “Meeting_Notice_Ltr_ID1543ops.pdf_.zip.” When […]

Fake Voicemail Emails Install UpCrypter Malware on Windows

FortiGuard Labs warns of a global phishing campaign that delivers UpCrypter malware, giving hackers complete control of infected…

Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered

In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group’s espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within […]

Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations

A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unfolded in five distinct waves between August 6 and August 12, 2025, and weaponized the trusted educational platform to bypass conventional security filters. The […]

Weekly Update 466

I'm fascinated by the unwillingness of organisations to name the "third party" to which they've attributed a breach. The initial reporting on the Allianz Life incident from last month makes no mention whatsoever of Salesforce, nor does any other statement I can find from

Hackers Leverage SendGrid in Recent Attack to Harvest Login Credentials

A sophisticated credential harvesting campaign has emerged, exploiting the trusted reputation of SendGrid to deliver phishing emails that successfully bypass traditional email security gateways. The attack leverages SendGrid’s legitimate cloud-based email service platform to create authentic-looking communications that target unsuspecting users across multiple organizations. The campaign employs a multi-faceted approach, utilizing three distinct email themes […]

New Gmail Phishing Attack Uses AI Prompt Injection to Evade Detection

Phishing has always been about deceiving people. But in this campaign, the attackers weren’t only targeting users; they also attempted to manipulate AI-based defenses. This is an evolution of the Gmail phishing chain I documented last week. That campaign relied on urgency and redirects, but this one introduces hidden AI prompts designed to confuse automated […] The post New Gmail Phishing Attack Uses AI Prompt Injection to Evade Detection appeared first on Cyber Security News.

Fake CoinMarketCap Journalists Targeting Crypto Executives in Spear-Phishing Campaign

Fake CoinMarketCap journalist profiles used in spear-phishing target crypto execs via Zoom interviews, risking malware, data theft, and…

Microsoft to Limit Onmicrosoft Domain Usage for Sending Emails

Microsoft has announced significant restrictions on email sending capabilities for organizations using default onmicrosoft.com domains, implementing a throttling system that limits external email delivery to 100 recipients per organization every 24 hours. The policy change, announced through the Exchange Team Blog, aims to prevent spam abuse while encouraging organizations to migrate to custom domains for […]

Interpol bags 1,209 suspects, $97M in cybercrime operation focused on Africa

Interpol's latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the agency says.…
