phishing

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit  

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   2025-11-14 at 10:30 By Eduard Kovacs The cybercriminals informed customers that their cloud server was shut down due to complaints. The post Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit   Read More »

Fake spam filter alerts are hitting inboxes

Fake spam filter alerts are hitting inboxes 2025-11-13 at 19:02 By Zeljka Zorz A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look like they are coming from the recipient’s email domain, and falsely claim that due to a

Fake spam filter alerts are hitting inboxes Read More »

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit 2025-11-12 at 15:02 By Eduard Kovacs Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign.  The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit Read More »

What keeps phishing training from fading over time

What keeps phishing training from fading over time 2025-11-07 at 13:28 By Mirko Zorz When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely to

What keeps phishing training from fading over time Read More »

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains 2025-10-27 at 16:57 By Ionut Arghire The malicious Smishing Triad domains were used to collect sensitive information, including Social Security numbers. The post Massive China-Linked Smishing Campaign Leveraged 194,000 Domains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains Read More »

Researchers expose large-scale YouTube malware distribution network

Researchers expose large-scale YouTube malware distribution network 2025-10-23 at 17:37 By Zeljka Zorz Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost Network.” The network published more than 3,000 videos across compromised or fake channels, luring viewers with game cheats, cracked

Researchers expose large-scale YouTube malware distribution network Read More »

Malicious Code on Unity Website Skims Information From Hundreds of Customers

Malicious Code on Unity Website Skims Information From Hundreds of Customers 2025-10-13 at 18:46 By Eduard Kovacs The video game software development company says the incident impacted users of its SpeedTree website. The post Malicious Code on Unity Website Skims Information From Hundreds of Customers appeared first on SecurityWeek. This article is an excerpt from

Malicious Code on Unity Website Skims Information From Hundreds of Customers Read More »

NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms

NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms 2025-10-13 at 16:03 By Ionut Arghire Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations. The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek. This article is

NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms Read More »

Researchers uncover ClickFix-themed phishing kit

Researchers uncover ClickFix-themed phishing kit 2025-10-08 at 16:26 By Zeljka Zorz Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering technique. “This tool allows threat actors to create highly customizable phishing

Researchers uncover ClickFix-themed phishing kit Read More »

Microsoft spots LLM-obfuscated phishing attack

Microsoft spots LLM-obfuscated phishing attack 2025-09-25 at 19:00 By Zeljka Zorz Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, lookalike/fake websites, and malware. There’s even been a documented instance of an attacker using the agentic AI coding assistant Claude Code (along with Kali Linux)

Microsoft spots LLM-obfuscated phishing attack Read More »

FBI Warns of Spoofed IC3 Website

FBI Warns of Spoofed IC3 Website 2025-09-22 at 12:47 By Ionut Arghire Threat actors likely spoofed the official government website for personal information theft and monetary fraudulent activity. The post FBI Warns of Spoofed IC3 Website appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

FBI Warns of Spoofed IC3 Website Read More »

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader 2025-09-17 at 15:23 By Zeljka Zorz Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites associated with the popular service, disrupting

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader Read More »

Old file types, new tricks: Attackers turn everyday files into weapons

Old file types, new tricks: Attackers turn everyday files into weapons 2025-09-17 at 07:44 By Anamarija Pogorelec Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest quarterly Threat Insights Report from HP Wolf Security shows how

Old file types, new tricks: Attackers turn everyday files into weapons Read More »

Ransomware Losses Climb as AI Pushes Phishing to New Heights

Ransomware Losses Climb as AI Pushes Phishing to New Heights 2025-09-09 at 16:39 By Kevin Townsend Based on real-world insurance claims, Resilience’s midyear report shows vendor risk is declining but costly, ransomware is evolving with triple extortion, and social engineering attacks are accelerating through AI. The post Ransomware Losses Climb as AI Pushes Phishing to

Ransomware Losses Climb as AI Pushes Phishing to New Heights Read More »

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect 2025-08-27 at 20:01 By Kevin Townsend AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication. The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect Read More »

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

What CISOs can learn from Doppel’s new AI-driven social engineering simulation 2025-08-27 at 07:51 By Sinisa Markovic Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps,

What CISOs can learn from Doppel’s new AI-driven social engineering simulation Read More »

URL-based threats become a go-to tactic for cybercriminals

URL-based threats become a go-to tactic for cybercriminals 2025-08-21 at 07:34 By Help Net Security Cybercriminals are using advanced social engineering and AI-generated content to make malicious URLs difficult for users to identify, according to Proofpoint. Whether through email, text messages, or collaboration apps, URL-based threats now dominate the cyber threat landscape. Attackers are not

URL-based threats become a go-to tactic for cybercriminals Read More »

Scroll to Top