ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Phishing emails disguised as spam filter alerts are stealing logins
Think twice before clicking that "Secure Message" alert from your organization's spam filters. It might be a phish built to steal your credentials.
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that
New Phishing Attack Leverages Popular Brands to Harvest Login Credentials
A sophisticated phishing campaign has emerged, targeting organizations across Central and Eastern Europe by impersonating legitimate global brands to deceive users into surrendering their login credentials. The attack ut
Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit
Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign. The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on Secur
This Is the Platform Google Claims Is Behind a 'Staggering’ Scam Text Operation
Google is suing 25 people it alleges are behind a “relentless” scam text operation that uses a phishing-as-a-service platform called Lighthouse.
New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials
A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide. Check Point security researchers identified approxi
New Quantum Route Redirect Tool Lets Attackers Launch One-Click Phishing Attacks on Microsoft 365 Users
A sophisticated phishing campaign is targeting Microsoft 365 users worldwide through a newly discovered tool called Quantum Route Redirect. This advanced automation platform transforms complex phishing operations into si
Beware of Security Alert-Themed Malicious Emails that Steal Your Email Logins
A new wave of security alert-themed phishing emails has recently surfaced, causing concern within both enterprise and personal email environments. These malicious emails cleverly impersonate official security notificatio
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calendar invitations to de
Stolen iPhones are locked tight, until scammers phish your Apple ID credentials
Stolen iPhones are hard to hack, so thieves are phishing the owners instead. How fake ‘Find My’ messages trick victims into sharing their Apple ID login.
Quantum Route Redirect PhaaS targets Microsoft 365 users worldwide
A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users' credentials. [...]
5 reasons why attackers are phishing over LinkedIn
Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps and channels as users
Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware
Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying malware like
Lost iPhone? Don’t fall for phishing texts saying it was found
The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. [...]
Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks
Microsoft’s upcoming Teams update, set for targeted releases in early November 2025 and worldwide by January 2026, will allow users to initiate chats with only an email address, even if the recipient isn’t a Teams user.
New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account
A sophisticated phishing campaign is actively targeting hotel establishments and their guests through compromised Booking.com accounts, according to research uncovered by security experts. The campaign, dubbed “I Paid Tw
Cavalry Werewolf Attacking Government Organizations to Deploy Backdoor for Network Access
In July 2025, a sophisticated hacker group known as Cavalry Werewolf executed a targeted campaign against Russian government institutions, compromising critical infrastructure through coordinated phishing operations. The
Russia-linked APT InedibleOchotense impersonates ESET to deploy backdoor on Ukrainian systems
Russia-linked group InedibleOchotense used fake ESET installers in phishing attacks on Ukrainian targets in May 2025. Russia-linked group InedibleOchotense used trojanized ESET installers in phishing attacks against Ukra
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by t
APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data
A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job seekers in spear-ph