ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
New Phishing Attack Via OneDrive Attacking C-level Employees for Corporate Credentials
A sophisticated spear-phishing campaign has emerged targeting senior executives and C-suite personnel across multiple industries, leveraging Microsoft OneDrive as the primary attack vector. The campaign utilizes carefull
Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments
A sophisticated spear-phishing campaign orchestrated by Iranian-aligned operators has been identified targeting diplomatic missions worldwide through a compromised Ministry of Foreign Affairs of Oman mailbox. The attack,
New Large-Scale Phishing Attacks Targets Hotelier Via Ads to Gain Access to Property Management Tools
A novel phishing campaign emerged in late August 2025 that specifically targeted hoteliers and vacation rental managers through malicious search engine advertisements. Rather than relying on mass email blasts or social m
Hackers Abuse Legitimate Email Marketing Platforms to Disguise Malicious Links
Cybercriminals are increasingly exploiting legitimate email marketing platforms to launch sophisticated phishing campaigns, leveraging the trusted reputation of these services to bypass security filters and deceive victi
New ‘Sindoor Dropper’ Malware Targets Linux Systems with Weaponized .desktop Files
A new malware campaign, dubbed “Sindoor Dropper,” is targeting Linux systems using sophisticated spear-phishing techniques and a multi-stage infection chain. The campaign leverages lures themed around the recent India-Pa
Threat Actors Leveraging Windows and Linux Vulnerabilities in Real-world Attacks to Gain System Access
Cybersecurity teams worldwide have observed a surge in sophisticated campaigns exploiting both Windows and Linux vulnerabilities in recent months to achieve unauthorized system access. These attacks often begin with phis
How Adversary-In-The-Middle (AiTM) Attack Bypasses MFA and EDR?
Adversary-in-the-Middle (AiTM) attacks are among the most sophisticated and dangerous phishing techniques in the modern cybersecurity landscape. Unlike traditional phishing attacks that merely collect static credentials,
Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows us
How ClickFix and Multi-Stage Phishing Frameworks Are Breaking Enterprise Defenses
August 2025 has marked a significant evolution in cybercrime tactics, with threat actors deploying increasingly sophisticated phishing frameworks and social engineering techniques that are successfully bypassing traditio
Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect
AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication. The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on Secur
New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell
In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to deploy
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group,
New Attack Targeting ScreenConnect Cloud Administrators to Steal Login Credentials
A sophisticated credential harvesting campaign has emerged targeting ScreenConnect cloud administrators with spear phishing attacks designed to steal super administrator credentials. The ongoing operation, designated MCT
Check Point Research deckt hochentwickelte Phishing-Kampagne ZipLine auf
ZipLine zeigt, wie ausgeklügelt Social-Engineering-Angriffe inzwischen sind. Webformular-Missbrauch, langfristige E-Mail-Konversationen und KI-bezogene Köder machen herkömmliche Erkennungsmethoden wirkungslos. Um mit der
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Cybersecurity researchers have flagged a new phishing campaign that's using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages "carefully crafted emails to deliver ma
Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations
A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unf
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks t
Hackers Leverage SendGrid in Recent Attack to Harvest Login Credentials
A sophisticated credential harvesting campaign has emerged, exploiting the trusted reputation of SendGrid to deliver phishing emails that successfully bypass traditional email security gateways. The attack leverages Send
New Gmail Phishing Attack Uses AI Prompt Injection to Evade Detection
Phishing has always been about deceiving people. But in this campaign, the attackers weren’t only targeting users; they also attempted to manipulate AI-based defenses. This is an evolution of the Gmail phishing chain I d
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email w