ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite La
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as H
APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules
Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging IceDrive as a command-and-co
Prosper data breach puts 17 million people at risk of identity theft
While Prosper says no funds or accounts were accessed, the stolen data could lead to targeted phishing and identity theft.
Microsoft erneut meistgefälschte Marke in Phishing-Angriffen
Auch im dritten Quartal 2025 war die Technologiebranche am stärksten betroffen, gefolgt von sozialen Netzwerken und dem Einzelhandel. Mit dem Beginn der großen Einkaufssaison rechnen die Forscher mit einem weiteren Ansti
Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware
Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them to downlo
Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT
Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing
New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials
Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat actors crafted links in the format ht
PhantomVAI Loader Attacking Organizations Worldwide to Deliver AsyncRAT, XWorm, FormBook and DCRat
A sophisticated multi-stage malware campaign is targeting organizations globally, utilizing the PhantomVAI Loader to distribute dangerous information-stealing malware. The attack chain, which begins with carefully crafte
Fake LastPass, Bitwarden breach alerts lead to PC hijacks
An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. [
New Cyberattack Leverages NPM Ecosystem to Infect Developers While Installing Packages
Cybersecurity researchers have uncovered a sophisticated phishing campaign that weaponizes the NPM ecosystem through an unprecedented attack vector. Unlike traditional malicious package installations, this operation leve
Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware
Cybercriminals have developed a sophisticated phishing campaign targeting Colombian users through fake judicial notifications, deploying a complex multi-stage malware delivery system that culminates in AsyncRAT infection
Hackers Mimic as OpenAI and Sora Services to Steal Login Credentials
In recent weeks, a sophisticated phishing campaign has emerged, targeting corporate and consumer accounts by impersonating both OpenAI and Sora-branded login portals. Attackers distribute emails crafted to appear as legi
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat R
Phishing Scams Exploit New York’s Inflation Refund Program
Scammers are texting residents, urging them to “verify payment details” to claim their refund.
Meet Varonis Interceptor: AI-Native Email Security
AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis' new Interceptor platform uses multimodal AI — vision, language, and behavior models — to detect zero-hour attacks and stop
NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations. The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared fi
Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation
The authorities arrested GoogleXcoder, the alleged administrator of GXC Team, which offered phishing kits and Android malware. The post Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation appeared first
Mikrosegmentierung kann die Wirkung von Phishing-Attacken eindämmen
Bei automatisierter Mikrosegmentierung wird Jede Ressource proaktiv isoliert, sodass Angreifer selbst dann, wenn ein Phishing-Betrug einen ersten Zugriff ermöglicht, keine seitlichen Bewegungen ausführen können.
Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained
Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arresting its 25-year-old Brazilian leader