Dutch Police discloses security breach after phishing attack
The Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data. [...]
Read OriginalThe Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data. [...]
Read Original7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected.
Read OriginalThreat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages. [...]
Read OriginalThreat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. [...]
Read OriginalOX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets
Read OriginalA Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to launch BitPaymer ransomware attacks against 72 U.S. companies. [...]
Read OriginalCybercriminals behind Tycoon2FA, a phishing-as-a-service (PhaaS) platform, have resumed targeting cloud accounts with near-full force despite a coordinated law enforcement takedown on March 4, 2026. Europol, working alongside authorities from six countries, seized 330 domains that formed the backbone of the platform’s infrastructure in what became one of the more visible efforts to disrupt a […] The post Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption appeared f...
Read OriginalRSAC 2026 Back in the day (circa 2023) when cybercrime group Scattered Spider and its help-desk voice-phishing calls were a relatively new threat, the feds considered pulling the government's top cyber-threat hunters and their private-sector counterparts into one room to share information, in real time, about this loosely knit extortion ring that was terrorizing enterprises.…
Read OriginalThe Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. [...]
Read OriginalStrengthen your MFA policies, double-down on anti-phishing training, and for Jobs' sake, patch all your vulns right away. The past year of intelligence collected by Cisco's Talos threat hunters suggests that attackers are moving faster to exploit vulns, and fooling more staff than ever into giving up their credentials. …
Read OriginalHuntress researchers said it’s likely the victims they've identified represent just a fraction of compromised organizations worldwide. The post An AI-powered phishing campaign has compromised hundreds of organizations appeared first on CyberScoop .
Read OriginalVoice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims' IT estate – and the No. 1 tactic used when breaking into cloud environments.…
Read OriginalVoice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics. The post The phone call is the new phishing email appeared first on CyberScoop .
Read OriginalInfosec In Brief Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts and conduct phishing attacks, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned last Friday.…
Read OriginalMicrosoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. [...]
Read Original