ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
LastPass warnt vor Phishing-Kampagne
LastPass warnt eindringlich vor einer derzeit laufenden Phishing-Welle. Die Drahtzieher wollen Zugriff auf die Passwort-Vaults.
Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint
Microsoft Defender Researchers uncovered a multi‑stage AiTM phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. The post Resurgence of a multi‑stage AiTM phishing
CVE-2026-24010 - Horilla has HTML Injection Issue that, with Phishing, Leads to Account Takeover
CVE ID : CVE-2026-24010 Published : Jan. 22, 2026, 3:15 a.m. | 20 minutes ago Description : Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions p
LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords
A critical security alert regarding an active phishing campaign that commenced on January 19, 2026. The malicious actors are impersonating LastPass support staff and sending fraudulent emails claiming urgent vault backup
LastPass Users Targeted With Backup-Themed Phishing Emails
Threat actors may have wanted to take advantage of the holiday weekend in the United States to increase their chances of success. The post LastPass Users Targeted With Backup-Themed Phishing Emails appeared first on Secu
AI Phishing Is Your Company’s Biggest Security Risk in 2026: Here’s How to Stop It
Phishing used to be easy to spot. Bad grammar, strange links, obvious scams. That version is gone. In 2026, phishing is polished, well-written, and often smarter than it has any right to be thanks to AI. These attacks l
LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
LastPass is alerting users to a new active phishing campaign that's impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around J
Fake Lastpass emails pose as password vault backup alerts
LastPass is warning of a new phishing campaign disguised as a maintenance notification from the service, asking users to back up their vaults in the next 24 hours. [...]
Crooks impersonate LastPass in campaign to harvest master passwords
Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began around January 19, 2026. Attac
Beware of Weaponized Shipping Documents that Deliver Remcos RAT with a Wide Range of Capabilities
Threat actors are leveraging a dangerous new campaign that weaponizes ordinary-looking shipping documents to distribute Remcos, a powerful remote access trojan. This phishing scheme uses fake shipping emails as the entry
You Got Phished? Of Course! You're Human...
Phishing succeeds not because users are careless, but because attackers exploit human timing, context, and emotion. Flare shows how modern phishing has become industrialized, scalable, and increasingly hard to spot. [...
Attackers Leverages LinkedIn to Deliver Remote Access Trojan Targeting Corporate Environments
A sophisticated phishing campaign is actively exploiting LinkedIn’s trusted social media platform to distribute a dangerous remote access trojan to corporate employees. Attackers are leveraging the professional credibili
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity de
New Spear Phishing Attack Leveraging Argentine Federal Court Rulings to Covert RAT for Remote Access
A sophisticated spear-phishing campaign has emerged targeting Argentina’s judicial sector, exploiting trust in legitimate court communications to deliver a dangerous Remote Access Trojan. The campaign uses authentic-look
New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware
A new spear-phishing campaign known as Operation Poseidon has emerged, exploiting Google’s advertising infrastructure to distribute EndRAT malware while evading traditional security measures. he attack leverages legitima
CIRO Confirms Data Breach – 750,000 Canadian Investors Have been Impacted
Approximately 750,000 Canadian investors were affected by a sophisticated phishing attack first disclosed in August 2025. The self-regulatory organization announced the full extent of the breach on January 14, 2026. Afte
LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing
Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign lever
Hackers Abusing Legitimate Cloud and CDN Platforms to Host Phishing Kits
Threat actors are increasingly using trusted cloud and content delivery network platforms to host phishing kits, creating major detection challenges for security teams. Unlike traditional phishing campaigns that rely on
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing
RedVDS Cybercrime Service Disrupted by Microsoft and Law Enforcement
RedVDS enables threat actors to set up servers that can be used for phishing, BEC attacks, account takeover, and fraud. The post RedVDS Cybercrime Service Disrupted by Microsoft and Law Enforcement appeared first on Secu