ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Cybersecurity Newsletter Weekly – Shai Halud Attack, Ivanti Exploits, FinWise, BMW Data Leak, and More
This week in cybersecurity, researchers exposed hidden alliances between ransomware groups, the rise of AI-powered phishing platforms, and large-scale vulnerabilities affecting telecom and enterprise systems. Major data
Phishing Attacks Using AI-Powered Platforms to Misleads Users and Evades Security Tools
Phishing campaigns have long relied on social engineering to dupe unsuspecting users, but recent developments have elevated these attacks to a new level of sophistication. Attackers now harness advanced content-generatio
Russian Hacking Groups Gamaredon and Turla Attacking Organizations to Deploy Kazuar Backdoor
In early 2025, cybersecurity researchers observed an unprecedented collaboration between two Russian APT groups targeting Ukrainian organizations. Historically, Gamaredon has focused on broad spear-phishing campaigns aga
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service (PhaaS) deployments have risen
New Phishing Attack Targets Facebook Users to Steal Login Credentials
A sophisticated phishing campaign has recently emerged, targeting Facebook users with carefully crafted emails designed to harvest login credentials. Attackers leverage the platform’s own external URL warning system to c
Disrupted phishing service was after Microsoft 365 credentials
Microsoft and Cloudflare have delivered a major blow to the fastest growing Phishing-as-a-Service operation called RaccoonO365.
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espionage group APT41 imperson
Hackers Exploit RTL/LTR Scripts and Browser Gaps to Hide Malicious URLs
A decade-old Unicode vulnerability known as BiDi Swap allows attackers to spoof URLs for sophisticated phishing attacks. By exploiting how browsers render mixed Right-to-Left (RTL) and Left-to-Right (LTR) language script
Microsoft Dismantles 300+ Websites Used to Distribute RaccoonO365 Phishing Service
Since mid-2024, cybercriminals have leveraged a subscription-based phishing platform known as RaccoonO365 to harvest Microsoft 365 credentials at scale. Emerging as an off-the-shelf service, RaccoonO365 requires minimal
Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrastructure used by the Racc
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. [...]
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. "In this acti
RaccoonO365 Phishing Service Disrupted, Leader Identified
Microsoft and Cloudflare have teamed up to take down the infrastructure used by RaccoonO365. The post RaccoonO365 Phishing Service Disrupted, Leader Identified appeared first on SecurityWeek.
RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains
Microsoft's Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (Phaas) toolkit
Grok, ChatGPT, other AIs happy to help phish senior citizens
Big name AI chatbots are happy to create phishing emails and malicious code to target senior citizens.
New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site
Cybersecurity researchers have warned of a new campaign that's leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. "The observed campaign uses a highly convinc
New APT28 Attack Via Signal Messenger Delivers BeardShell and Covenant Malware
Late in the summer of 2025, cybersecurity researchers uncovered a sophisticated spearphishing campaign targeting Ukrainian military personnel via the Signal messaging platform. The operation, dubbed “Phantom Net Voxel,”
Neon Cyber Emerges from Stealth, Shining a Light into the Browser
Neon Cyber argues that phishing, social engineering, and insider threats demand protections that follow users into the browser, where most attacks now begin. The post Neon Cyber Emerges from Stealth, Shining a Light into
Threat Actors Leverage Several RMM Tools in Phishing Attack to Maintain Remote Access
Cybercriminals are increasingly exploiting legitimate remote monitoring and management (RMM) tools to establish persistent access to compromised systems through sophisticated phishing campaigns. Joint research conducted
Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses
In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antiviru