ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
New PhantomCaptcha RAT Weaponized PDFs to Deliver Malware Using ‘ClickFix’-Style Cloudflare Captcha Pages
A sophisticated spearphishing campaign has emerged targeting humanitarian organizations and Ukrainian government agencies, leveraging weaponized PDF attachments and fake Cloudflare verification pages to distribute a dang
Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters
Email phishing attacks have reached a critical inflection point in 2025, as threat actors deploy increasingly sophisticated evasion techniques to circumvent traditional security infrastructure and user defenses. The thre
Der Dominoeffekt: Warum der Jaguar Land Rover Angriff das Versagen isolierter Cybersicherheit offenbart
Ein einziges kompromittiertes Endgerät, ein gestohlener Account oder eine erfolgreiche Phishing-Mail reichen heute aus, um eine Kettenreaktion auszulösen. Diese breitet sich vom Netzwerk im Büro bis in die physischen Pro
Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data
Microsoft 365 Exchange Online’s Direct Send feature, originally designed to enable legacy devices and applications to send emails without authentication, has become an exploitable pathway for cybercriminals conducting so
Check Point erweitert Sicherheitslösung um KI-gestützte Phishing-Erkennung
Die Verfügbarkeit riesiger Datenmengen für ThreatCloud AI in Verbindung mit dem Fachwissen von Check Point im Bereich Cyber-Sicherheit ermöglicht es, Echtzeit-KI-Engines zu entwickeln, die in der Lage sind, bisher unbeka
“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards
Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gif
PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing camp
SOCs Have a Quishing Problem: Here’s How to Solve It
QR codes used to be harmless, now they’re one of the sneakiest ways attackers slip past defenses. Quishing, or QR code phishing, hides malicious links inside innocent-looking images that filters can’t read. One scan, an
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that
New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials
A sophisticated phishing kit dubbed Tykit, which impersonates Microsoft 365 login pages to harvest corporate credentials. First detected in May 2025, the kit has surged in activity during September and October, exploitin
Lumma Infostealer Malware Attacks Users to Steal Browser Cookies, Cryptocurrency Wallets and VPN/RDP Accounts
Since its emergence in August 2022, Lumma Infostealer has rapidly become a cornerstone of malware-as-a-service platforms, enabling even unskilled threat actors to harvest high-value credentials. Delivered primarily via p
PhantomCaptcha ClickFix attack targets Ukraine war relief orgs
A spearphishing attack that lasted a single day targeted members of the Ukrainian regional government administration and organizations critical for the war relief effort in Ukraine, including the International Committee
Threat Actors Allegedly Selling Monolock Ransomware on Dark Web Forums
Monolock ransomware has surfaced in underground forums, with threat actors advertising version 1.0 for sale alongside stolen corporate credentials. First detected in late September, the malware exploits phishing emails c
Cavalry Werewolf APT Hackers Attacking Multiple Industries with FoalShell and StallionRAT
A sophisticated threat campaign has emerged targeting Russia’s public sector and critical industries between May and August 2025. The Cavalry Werewolf APT group, also known as YoroTrooper and Silent Lynx, has been active
Pakistani Threat Actors Targeting Indian Govt. With Email Mimic as ‘NIC eEmail Services’
A sophisticated phishing campaign orchestrated by Pakistan-linked threat actors has been discovered targeting Indian government entities by impersonating the National Informatics Centre’s email services. The operation, a
Home Depot Halloween phish gives users a fright, not a freebie
Boo! A Home Depot Halloween “giveaway” isn’t a treat—it’s a phishing trick. Fake links, tracking pixels, and compromised sites are the real prizes here.
Wenn KI angreift: Microsoft warnt vor neuer Phishing-Welle
Der Fall zeigt deutlich: Künstliche Intelligenz ist längst ein entscheidender Faktor in der Cybersicherheit – auf beiden Seiten. Während Angreifer KI zur Perfektion ihrer Täuschungen nutzen, hilft sie Verteidigern, kompl
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to in
Angriffe auf Hardware: So schützen Sie Ihre IT-Systeme
<p>Angriffe auf die physische IT-Infrastruktur stehen selten im Rampenlicht, können aber massive Schäden anrichten. Neben bekannten Bedrohungen wie Ransomware oder Phishing rücken Hersteller und Sicherheitsverantwortlich
New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft
Threat actors are leveraging Microsoft Azure Blob Storage to craft highly convincing phishing sites that mimic legitimate Office 365 login portals, putting Microsoft 365 users at severe risk of credential theft. This met