ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Threat Actors Weaponize PDFs to Impersonate Microsoft, DocuSign, Dropbox and More in Phishing Attack
<html><body><p>Cybercriminals have significantly escalated their use of PDF attachments as attack vectors, leveraging the trusted document format to impersonate major brands including Microsoft, DocuSign, Dropbox, PayPal
Using AI to Battle Phishing Campaigns
<html><body><p>Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.</p></body></html>
Snake Keyloggers Abuse Java Utilities to Evade Security Tools
<html><body><p>A sophisticated phishing campaign leveraging the Snake Keylogger malware has emerged, exploiting legitimate Java debugging utilities to bypass security mechanisms and target organizations worldwide. The Ru
Hackers Use .PIF Files and UAC Bypass to Drop Remcos Malware on Windows
<html><body><p>A sophisticated new phishing campaign has emerged, leveraging obsolete Windows file formats and advanced evasion techniques to distribute the notorious Remcos Remote Access Trojan. The attack chain employs
Scattered Spider Attacking Tech Companies Using Phishing Frameworks Like Evilginx and Social Engineering Methods
<html><body><p>Scattered Spider burst onto the cybersecurity stage in early 2022 as little more than a SIM-swapping crew, but by mid-2025 it had pivoted into a full-scale, financially motivated threat group leveraging ad
What is phishing? Understanding enterprise phishing threats
<html><body><p>Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.</p></body></html>
Fake DocuSign email hides tricky phishing attempt
<html><body><p>An invitation to sign a DocuSign document went through mysterious ways and a way-too-easy Captcha to fingerprint the target.</p></body></html>
Cybercriminals Leveraging CapCut Popularity to Harvest Apple ID Credentials & Credit Card Data
<html><body><p>Cybercriminals have begun exploiting the widespread popularity of CapCut, the dominant short-form video editing application, to orchestrate sophisticated phishing campaigns targeting Apple ID credentials a
APT42 impersonates cyber professionals to phish Israeli academics and journalists
<html><body><p>Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten,
ClickFix Attack Emerges by Over 500% – Hackers Actively Using This Technique to Trick Users
<html><body><p>A sophisticated new social engineering technique called ClickFix has exploded across the cyberthreat landscape, experiencing an unprecedented surge of 517% between the second half of 2024 and the first hal
APT-C-36 Hackers Attacking Government Institutions, Financial Organizations, and Critical Infrastructure
<html><body><p>Since 2018, the advanced persistent threat group APT-C-36, commonly known as Blind Eagle, has emerged as a formidable cyber adversary targeting critical sectors across Latin America. This sophisticated thr
Wie Kriminelle legitime Tools für Ransomware-Angriffe nutzen
<html><body><p>Sie beginnen mit einer Phishing-Mail und nutzen vorhandene System-Tools, um schwerwiegenden Schaden per Ransomware anzurichten. Wie funktionieren diese Angriffe im Detail?</p></body></html>
Microsoft 365’s Direct Send Exploited to Send Phishing Emails as Internal Users
<html><body><p>A sophisticated phishing campaign affecting more than 70 organizations by exploiting Microsoft 365’s Direct Send feature. This novel attack method allows threat actors to spoof internal users and deliver p
Iranian APT35 Hackers Attacking High-Profile Cyber Security Experts & Professors from Israel
<html><body><p>A sophisticated spear-phishing campaign targeting Israeli cybersecurity experts and computer science professors has emerged amid escalating tensions between Iran and Israel. The Iranian threat group Educat
Microsoft 365 'Direct Send' abused to send phishing as internal users
<html><body><p>An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials. [...]</p></body></html>
Iranian Spear-Phishing Attack Mimic Google, Outlook, and Yahoo Domains
<html><body><p>A sophisticated Iranian cyber espionage campaign has resurfaced with renewed intensity, targeting high-profile figures through meticulously crafted spear-phishing operations that impersonate major email pr
Beware of Weaponized Wedding Invite Scams That Deploys SpyMax RAT on Android Devices
<html><body><p>A sophisticated Android phishing campaign has emerged across India, exploiting the cultural significance of wedding invitations to distribute malicious software. The attack, dubbed “Wedding Invitation,” le
Trezor’s support platform abused in crypto theft phishing attacks
<html><body><p>Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform. [...]</p></body></html>
2,000+ Devices Hacked Using Weaponized Social Security Statement Themes
<html><body><p>A sophisticated phishing campaign masquerading as official Social Security Administration (SSA) communications has successfully compromised more than 2,000 devices, according to a recent investigation. The
Weaponized DMV-Themed Phishing Attacking U.S. Citizens to Harvest Personal and Financial Data
<html><body><p>A sophisticated phishing campaign emerged in May 2025, targeting U.S. citizens through a coordinated impersonation of state Department of Motor Vehicles (DMV) agencies. This large-scale operation utilized