ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other. Here’s a quick ru
Hackers Using Evilginx to Steal Session Cookies and Bypass Multi-Factor Authentication Tokens
A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These attacks are engineered to steal temporary session cookie
New Report Warns of 68% Of Actively Serving Phishing Kits Protected by CloudFlare
A new security report reveals a troubling reality about the state of online phishing operations. Recent research has uncovered over 42,000 validated URLs and domains actively serving phishing kits, command-and-control in
Hackers Using Calendly-Themed Phishing Attack to Steal Google Workspace Account
A sophisticated phishing campaign has emerged targeting business professionals with Calendly-themed emails, combining social engineering with advanced credential theft techniques. The attack specifically focuses on Googl
Storm-0900 Hackers Leveraging Parking Ticket and Medical Test Themes in Massive Phishing Attack
On Thanksgiving eve, a sophisticated threat actor known as Storm-0900 launched a high-volume phishing campaign targeting users across the United States. Microsoft Threat Intelligence security analysts detected and blocke
Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
Remember when phishing emails were easy to spot? Bad grammar, weird formatting, and requests from a "Prince" in a distant country? Those days are over. Today, a 16-year-old with zero coding skills and a $200 allowance ca
Beware of the New ‘Executive Award’ Campaign That Uses ClickFix to Deliver Stealerium Malware
A new and dangerous phishing campaign is targeting organizations with a deceptive “Executive Award” theme that combines social engineering with advanced malware delivery. This two-stage attack first tricks users into sha
Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials
A new type of phishing attack that combines two different phishing kits: Salty2FA and Tycoon2FA. This marks a significant change in the Phishing-as-a-Service (PhaaS) landscape. While phishing kits typically maintain uniq
Cybercrime Goes SaaS: Renting Tools, Access, and Infrastructure
Cybercrime has fully shifted to a subscription model, with phishing kits, Telegram OTP bots, infostealer logs, and even RATs now rented like SaaS tools. Varonis explains how this "crime-as-a-service" economy lowers the b
Fake Calendly invites spoof top brands to hijack ad manager accounts
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business account credentials. [...]
Inserting AI into cyber awareness
<p>The concept of <a href="https://www.techtarget.com/searchsecurity/definition/security-awareness-training" target="_blank" rel="noopener">security awareness training</a> is traditionally one of static procedures, inclu
KimJongRAT Attacking Windows Users via Weaponized .hta Files to Steal Logins
A new remote access trojan dubbed KimJongRAT has surfaced, posing a severe threat to Windows users. This sophisticated malware is believed to be orchestrated by the Kimsuky group, a threat actor with alleged state backin
Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orch
Black Friday 2025: Wenn Shopping-Fieber und KI-Betrug zusammenkommen
Die Webmail-Dienste Web.de und GMX meldeten rund um den Black Friday 2024 einen deutlichen Anstieg an Spam- und Phishing-Mails: zehn Prozent mehr als üblich.
Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack
A significant gap in Microsoft Teams’ B2B guest access allows attackers to bypass Defender for Office 365 protections, creating unprotected zones for phishing and malware delivery. At Cybersecurity News, we recently high
Studie: [EXTERN]-Tags schützen nicht vor Phishing
Eine großangelegte Simulation an einer deutschen Universitätsklinik zeigt: Gängige Schutzmaßnahmen wie [EXTERN]-Tags versagen, technische Filter wirken.
FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks
The Federal Bureau of Investigation (FBI) has issued urgent warnings about cybercriminals spoofing the official Internet Crime Complaint Center (IC3) website to conduct phishing attacks and steal sensitive personal infor
Hackers Sell Lifetime Access to WormGPT and KawaiiGPT for Just $220
Cybercriminals are now selling lifetime access to malicious AI chatbots WormGPT and KawaiiGPT for as little as $220, marking a dangerous new chapter in AI-powered cybercrime. These tools remove all ethical restrictions f
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud scheme
KawaiiGPT – New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks
KawaiiGPT, a free malicious large language model (LLM) first spotted in July 2025 and now at version 2.5, empowers novice cybercriminals with tools for phishing emails, ransomware notes, and attack scripts, drastically l