ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Hackers Weaponize QR Codes Embedded with Malicious Links to Steal Sensitive Information
Cybersecurity researchers have observed a surge in phishing campaigns leveraging QR codes to deliver malicious payloads. This emerging threat, often dubbed “quishing,” exploits the opaque nature of QR codes to conceal ha
Threat Actors Abuse AI Website Creation App to Deliver Malware
Cybercriminals have discovered a new avenue for malicious activities by exploiting Lovable, an AI-powered website creation platform, to develop sophisticated phishing campaigns and malware delivery systems. The platform,
APT MuddyWater Attacking CFOs Leveraging OpenSSH, Enables RDP, and Scheduled Task
A sophisticated cyber espionage campaign attributed to APT MuddyWater has emerged targeting Chief Financial Officers and finance executives across Europe, North America, South America, Africa, and Asia. The threat actors
Phishing-Schutz: Eine Checkliste für Anwender
<p>Phishing gehört nach wie vor zu den größten Bedrohungen für Unternehmen. Werden doch Einzelpersonen angegangen, um sich beispielsweise Zugang zum Unternehmen zu verschaffen oder Malware einzuschleusen.</p> <div class=
AI website builder Lovable increasingly abused for malicious activity
Cybercriminals are increasingly abusing the AI-powered Lovable website creation and hosting platform to generate phishing pages, malware-dropping portals, and various fraudulent websites. [...]
Hackers Weaponize Active Directory Federation Services and office.com to Steal Microsoft 365 logins
A novel and highly tricky phishing campaign is actively stealing Microsoft 365 credentials by exploiting Microsoft’s own Active Directory Federation Services (ADFS) to redirect users from legitimate office.com links to m
Hackers steal Microsoft logins using legitimate ADFS redirects
Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins. [...]
Threat Actors Leverage GenAI Platforms to Create Realistic Phishing Content
Cybercriminals are increasingly exploiting generative artificial intelligence platforms to orchestrate sophisticated phishing campaigns that pose unprecedented challenges to traditional security detection mechanisms. The
New Salty 2FA PhaaS platform Attacking Microsoft 365 Users to Steal Login Credentials
A sophisticated new Phishing-as-a-Service (PhaaS) framework dubbed “Salty 2FA” has emerged as a significant threat to Microsoft 365 users across US and European industries. This previously undocumented platform employs a
Noodlophile Stealer evolution
Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing ema
Threat Actors Attacking Organizations Key Employees With Weaponized Copyright Documents to Deliver Noodlophile Stealer
A sophisticated phishing campaign has emerged targeting enterprises with significant social media footprints, leveraging weaponized copyright infringement notices to deliver the evolved Noodlophile Stealer malware. This
North Korean Kimsuky Hackers Leveraged GitHub to Attack Foreign Embassies with XenoRAT Malware
A sophisticated espionage campaign targeting diplomatic missions in South Korea has exposed the evolving tactics of North Korean state-sponsored hackers. Between March and July 2025, threat actors linked to the notorious
Hackers Weaponizing Cisco’s Secure Links to Evade Link Scanning and By-Pass Network Filters
A sophisticated attack campaign uncovered where cybercriminals are weaponizing Cisco’s own security infrastructure to conduct phishing attacks. The attackers are exploiting Cisco Safe Links technology, designed to prote
Threats Actors Using Telegram as The Communication Channel to Exfiltrate The Stolen Data
Cybersecurity researchers have identified an alarming trend where threat actors are increasingly leveraging Telegram’s Bot API infrastructure as a covert communication channel for data exfiltration. This sophisticated at
New Gmail Phishing Attack With Weaponized Login Flow Steals Login Credentials
A sophisticated new phishing campaign targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass security measures and steal login credentials. The attack begins
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred b
New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The att
Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery
Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded l
New Trends in Phishing Attacks Emerges as AI Reshaping the Tool Used by Cybercriminals
The cybersecurity landscape is witnessing a fundamental transformation as artificial intelligence becomes the newest weapon in cybercriminals’ arsenals, revolutionizing traditional phishing and scam operations. Unlike co
Booking.com phishing campaign uses sneaky 'ん' character to trick you
Threat actors are leveraging a Unicode character to make phishing links appear like legitimate Booking.com links in a new campaign distributing malware. The attack makes use of the Japanese hiragana character, ん, which c