social engineering

ClickFix campaign delivers Mac malware via fake Apple page

ClickFix campaign delivers Mac malware via fake Apple page 2026-04-10 at 17:22 By Zeljka Zorz Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malicious page (Source: Jamf) ClickFix for everybody ClickFix is a […]

ClickFix campaign delivers Mac malware via fake Apple page Read More »

Social engineering attacks on open source developers are escalating

Social engineering attacks on open source developers are escalating 2026-04-08 at 15:45 By Zeljka Zorz North Korean hackers spent weeks socially engineering an Axios maintainer through a fake Slack workspace, a cloned company identity, and a fabricated Microsoft Teams call that tricked him into installing a RAT posings as a software update. They used the

Social engineering attacks on open source developers are escalating Read More »

Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign

Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign 2026-03-30 at 18:31 By rohansinhacyblecom Executive Summary CRIL has been actively tracking a surge in PXA Stealer activity deployed in a sophisticated, financially motivated threat campaign attributed with high confidence to a Vietnam-based cybercriminal group. The primary targets in this campaign are

Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign Read More »

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data 2026-03-16 at 08:24 By rohansinhacyblecom Executive Summary Cyble Research & Intelligence Labs (CRIL) has identified a widespread, highly active social engineering campaign hosted primarily on edgeone.app infrastructure. The initial access vectors are diverse — ranging from “ID Scanner,” and “Telegram ID Freezing,” to “Health Fund

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data Read More »

HR, recruiters targeted in year-long malware campaign

HR, recruiters targeted in year-long malware campaign 2026-03-10 at 15:39 By Zeljka Zorz An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have

HR, recruiters targeted in year-long malware campaign Read More »

Fake Claude Code install pages highlight rise of “InstallFix” attacks

Fake Claude Code install pages highlight rise of “InstallFix” attacks 2026-03-09 at 12:58 By Zeljka Zorz Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting

Fake Claude Code install pages highlight rise of “InstallFix” attacks Read More »

Threat actors weaponize OAuth redirection logic to deliver malware

Threat actors weaponize OAuth redirection logic to deliver malware 2026-03-03 at 19:46 By Zeljka Zorz An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have revealed. The attackers are targeting government and public-sector organizations, and redirecting unsuspecting users from trusted login pages to

Threat actors weaponize OAuth redirection logic to deliver malware Read More »

Scattered Lapsus$ Hunters seeks women for vishing attacks

Scattered Lapsus$ Hunters seeks women for vishing attacks 2026-02-26 at 14:55 By Zeljka Zorz The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising

Scattered Lapsus$ Hunters seeks women for vishing attacks Read More »

ShinyHunters flip the script on MFA in new data theft attacks

ShinyHunters flip the script on MFA in new data theft attacks 2026-02-02 at 18:50 By Zeljka Zorz Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in

ShinyHunters flip the script on MFA in new data theft attacks Read More »

Desperate Perth Renters Targeted by Rising Australian Housing Scam

Desperate Perth Renters Targeted by Rising Australian Housing Scam 2026-02-02 at 15:39 By Ashish Khaitan For many residents in Perth, finding a rental has become a high-stakes challenge. As demand for housing surges, a troubling trend has just been revealed. An Australian housing scam preying on renters who are willing to stretch every dollar to secure a

Desperate Perth Renters Targeted by Rising Australian Housing Scam Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

When the Olympics connect everything, attackers pay attention

When the Olympics connect everything, attackers pay attention 2026-01-19 at 09:19 By Anamarija Pogorelec Global sporting events bring a surge of network traffic, new systems, and short term partnerships. That mix draws attention from cyber threat actors who see opportunity in scale and distraction. A new Palo Alto Networks threat study on the Milan Cortina

When the Olympics connect everything, attackers pay attention Read More »

Cyber Insights 2026: Social Engineering

Cyber Insights 2026: Social Engineering 2026-01-16 at 14:45 By Kevin Townsend We’ve known that social engineering would get AI wings. Now, at the beginning of 2026, we are learning just how high those wings can soar. The post Cyber Insights 2026: Social Engineering appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cyber Insights 2026: Social Engineering Read More »

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience 2026-01-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and conflicts. He explains how it influences cybersecurity priorities, from encryption and abuse prevention

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience Read More »

Fake Booking.com emails and BSODs used to infect hospitality staff

Fake Booking.com emails and BSODs used to infect hospitality staff 2026-01-07 at 13:06 By Zeljka Zorz Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts with phishing emails that feature room charge details in euros,

Fake Booking.com emails and BSODs used to infect hospitality staff Read More »

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure 2025-12-23 at 17:22 By rohansinhacyblecom Following our earlier reporting on RTO-themed threats, CRIL observed a renewed phishing wave abusing the e-Challan ecosystem to conduct financial fraud. Unlike earlier Android malware-driven campaigns, this activity relies entirely on browser-based phishing, significantly lowering the

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure Read More »

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns 2025-12-19 at 14:43 By rohansinhacyblecom Executive Summary CRIL (Cyble Research and Intelligence Labs) has been tracking a sophisticated commodity loader utilized by multiple high-capability threat actors. The campaign demonstrates a high degree of regional and sectoral specificity, primarily targeting Manufacturing and Government organizations across

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns Read More »

Crypto theft in 2025: North Korean hackers continue to dominate

Crypto theft in 2025: North Korean hackers continue to dominate 2025-12-18 at 17:42 By Zeljka Zorz When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto theft in 2025 revealed. “North Korean hackers stole $2.02 billion

Crypto theft in 2025: North Korean hackers continue to dominate Read More »

The collapse of trust at the identity layer

The collapse of trust at the identity layer 2025-12-02 at 07:49 By Anamarija Pogorelec Identity verification has become the latest front in the fight against industrialized fraud, according to a new report from Regula. The shift is visible across sectors that once relied on predictable verification routines. Criminals have learned to target the identity step

The collapse of trust at the identity layer Read More »

Scroll to Top