ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
DarkCloud Stealer Attacking Financial Companies With Weaponized RAR Attachments
DarkCloud Stealer has recently emerged as a potent threat targeting financial organizations through convincing phishing campaigns. Adversaries employ weaponized RAR attachments masquerading as legitimate documents to del
New VoidProxy PhaaS Service Attacking Microsoft 365 and Google Accounts
In recent months, security teams have observed a significant increase in sophisticated phishing campaigns leveraging a newly discovered Phishing-as-a-Service (PhaaS) platform dubbed VoidProxy. The operation, first detect
New VoidProxy phishing service targets Microsoft 365, Google accounts
A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers such as Okta. [...]
Sidewinder Hacker Group Weaponizing LNK File to Execute Malicious Scripts
The notorious APT-C-24 threat actor group, commonly known as Sidewinder or Rattlesnake, has evolved its attack methodology by deploying sophisticated LNK file-based phishing campaigns targeting government, energy, milita
Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers
Microsoft to enhance security for its Teams platform by automatically warning users about malicious links in chat messages. The new feature, part of Microsoft Defender for Office 365, is designed to protect users from ph
PhishKit Evasion Tactics: What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve with new tricks added to their ar
kkRAT Employs Network Communication Protocol to Steal Clipboard Contents
In early May 2025, cybersecurity researchers began tracking a novel Remote Access Trojan (RAT) targeting Chinese-speaking users via phishing sites hosted on GitHub Pages. Masked as legitimate installers for popular appli
Email Security Startup AegisAI Launches With $13 Million in Funding
AegisAI uses autonomous AI agents to prevent phishing, malware, and BEC attacks from reaching inboxes. The post Email Security Startup AegisAI Launches With $13 Million in Funding appeared first on SecurityWeek.
KI-gestützter Phishing-Angriffe auf Krankenhäuser wird zunehmen
Unter Zuhilfenahme generativer KI-Tools können Angreifer schnell, unkompliziert, überzeugend – und skalierend – E-Mails erstellen
Trends bei Phishing, Ransomware und Co.
<p>Das ist eines der Ergebnisse des Berichtes in Sachen Cyberbedrohungen von Cisco Talos für das zweite Quartal 2025. Demnach erfolgen Phishing-Angriffe zunehmend mit kompromittierten E-Mail-Konten. Diese E-Mails können
Lazarus Hackers Exploiting Git Symlink Vulnerability in Sophisticated Phishing Attack
Early this month, cybersecurity researchers uncovered a novel phishing campaign attributed to the Lazarus Group that targets developers and crypto professionals through a cleverly crafted Git symlink vulnerability. Rathe
New Phishing Attack Mimics Google AppSheet to Steal Login Credentials
A sophisticated phishing campaign has emerged targeting Google Workspace organizations through fraudulent emails impersonating Google’s AppSheet platform. The attack demonstrates how cybercriminals exploit legitimate clo
New GONEPOSTAL Malware Hijacking Outlook to Enable Command and Control Communication
In recent weeks, security teams have observed a sophisticated new strain of malware—dubbed GONEPOSTAL—that subverts Microsoft Outlook to relay command and control (C2) instructions. Emerging through spear-phishing campai
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises
Phishing-as-a-Service (PhaaS) platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA, a phishing kit designed
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed
Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B week
Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice
A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQu
Ransomware Losses Climb as AI Pushes Phishing to New Heights
Based on real-world insurance claims, Resilience’s midyear report shows vendor risk is declining but costly, ransomware is evolving with triple extortion, and social engineering attacks are accelerating through AI. The p
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT. The phishing attack incorporates a number of advanced evasio
SpamGPT – AI-powered Attack Tool Used By Hackers For Massive Phishing Attack
A sophisticated new cybercrime toolkit named SpamGPT is enabling hackers to launch massive and highly effective phishing campaigns by combining artificial intelligence with the capabilities of professional email marketin