ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Alumni, Student, and Staff Information Stolen From Harvard University
A phone phishing attack led to the compromise of a system containing information about alumni, donors, students, staff, and other individuals. The post Alumni, Student, and Staff Information Stolen From Harvard Universit
WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation
Palo Alto Networks has conducted an analysis of malicious LLMs that help threat actors with phishing, malware development, and reconnaissance. The post WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation
Threat Actors Exploiting Black Friday Shopping Hype – 2+ Million Attacks Recorded
The 2025 Black Friday shopping season has become a prime hunting ground for cybercriminals, with threat actors recording over 2 million phishing attacks targeting online gamers and shoppers worldwide. As global e-commerc
Tycoon 2FA: Das Phishing-Kit, das 2FA ausgehebelt hat
Um 2FA- und MFA-Verfahren zu umgehen, setzt das Kit auf einen Adversary-in-the-Middle-Ansatz (AiTM) und Reverse-Proxy-Server. Darüber werden täuschend echt nachgebaute Login-Seiten bereitgestellt, die Anmeldedaten und Si
Matrix Push C2 abuses browser notifications to deliver phishing and malware
Attackers can send highly realistic push notifications through your browser, including fake alerts that can lead to malware or phishing pages.
Harvard University discloses data breach affecting alumni, donors
Harvard University disclosed over the weekend that its Alumni Affairs and Development systems were compromised in a voice phishing attack, exposing the personal information of students, alumni, donors, staff, and faculty
Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials
A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.c
DHL-Phishing zur Online-Handel-Blütezeit
Mit der "Cyber-Week" startet der Online-Handel in den Jahresendspurt. Online-Betrüger wollen Opfer mit angeblichen Nachzahlungen ködern.
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser-native, fileless fra
Phishing Breaks More Defenses Than Ever. Here’s the Fix
If your tools say a link is clean, do you fully trust it? Most SOC leaders don’t anymore, and for good reason. Phishing has become polished, quiet, and built to blend into everyday traffic. It slips through filters, lan
Hackers Using New Matrix Push C2 to Deliver Malware and Phishing Attacks via Web Browser
A new command-and-control platform called Matrix Push C2 has emerged as a serious threat to web users across all operating systems. This browser-based attack framework turns legitimate web browser features into a weapon
Scam USPS and E-Z Pass Texts and Websites
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudster
Holiday scams 2025: These common shopping habits make you the easiest target
Holiday deals are flooding your phone, and scammers are too. Watch for fake listings, phishing texts, and offers that seem just a little too good to be true.
Sneaky2FA PhaaS kit now uses redteamers' Browser-in-the-Browser attack
Sneaky2FA, a popular among cybercriminals phishing-as-a-service (PhaaS) kit, has added Browser-in-the-Browser (BitB) capabilities, giving "customers" the option to launch highly deceptive attacks. [...]
Attackers are using “Sneaky 2FA” to create fake sign-in windows that look real
The Phishing-as-a-Service kit Sneaky 2FA was found to use Browser-in-the-browser attacks to steal login credentials.
AI Is Supercharging Phishing: Here’s How to Fight Back
AI has given cybercriminals the ability to operate like Fortune‑500‑scale marketing departments—except their product is account takeover, data theft, and identity fraud. The post AI Is Supercharging Phishing: Here’s How
New Sneaky 2FA Phishing Kit with BitB Technique Attacking Users to Steal Microsoft Account Credentials
The Sneaky2FA phishing service has recently added a dangerous new capability to its toolkit that makes stealing Microsoft account credentials even easier for attackers. Push Security analysts and researchers have identif
Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar
The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such o
The Tycoon 2FA Phishing Platform and the Collapse of Legacy MFA
Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a phishing kit targets it. Learn from Token Ring how biometric, phishing-proof FIDO2 hardware bloc
Tycoon 2FA and the Collapse of Legacy MFA
Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a phishing kit targets it. Learn from Token Ring how biometric, phishing-proof FIDO2 hardware bloc