social engineering

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data

AI, Credential Harvesting, infostealer, phishing, social engineering /

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data 2026-03-16 at 08:24 By rohansinhacyblecom Executive Summary Cyble Research & Intelligence Labs (CRIL) has identified a widespread, highly active social engineering campaign hosted primarily on edgeone.app infrastructure. The initial access vectors are diverse — ranging from “ID Scanner,” and “Telegram ID Freezing,” to “Health Fund […]

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data Read More »

HR, recruiters targeted in year-long malware campaign

Aryaka, Don't miss, Hot stuff, Human Resources, Malware, News, phishing, social engineering /

HR, recruiters targeted in year-long malware campaign 2026-03-10 at 15:39 By Zeljka Zorz An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have

HR, recruiters targeted in year-long malware campaign Read More »

Fake Claude Code install pages highlight rise of “InstallFix” attacks

Anthropic, Claude Code, Don't miss, Google Search, Hot stuff, malvertising, News, programming, Push Security, social engineering, software development /

Fake Claude Code install pages highlight rise of “InstallFix” attacks 2026-03-09 at 12:58 By Zeljka Zorz Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting

Fake Claude Code install pages highlight rise of “InstallFix” attacks Read More »

Threat actors weaponize OAuth redirection logic to deliver malware

Don't miss, Government, Hot stuff, Malware, Microsoft, News, OAuth, phishing, public sector, social engineering /

Threat actors weaponize OAuth redirection logic to deliver malware 2026-03-03 at 19:46 By Zeljka Zorz An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have revealed. The attackers are targeting government and public-sector organizations, and redirecting unsuspecting users from trusted login pages to

Threat actors weaponize OAuth redirection logic to deliver malware Read More »

Scattered Lapsus$ Hunters seeks women for vishing attacks

cybercriminals, Dataminr, Don't miss, Hot stuff, News, social engineering, tips, vishing /

Scattered Lapsus$ Hunters seeks women for vishing attacks 2026-02-26 at 14:55 By Zeljka Zorz The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising

Scattered Lapsus$ Hunters seeks women for vishing attacks Read More »

ShinyHunters flip the script on MFA in new data theft attacks

data theft, Don't miss, extortion, Google Cloud, Hot stuff, Mandiant, News, Silent Push, social engineering, SSO, tips, vishing /

ShinyHunters flip the script on MFA in new data theft attacks 2026-02-02 at 18:50 By Zeljka Zorz Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in

ShinyHunters flip the script on MFA in new data theft attacks Read More »

Desperate Perth Renters Targeted by Rising Australian Housing Scam

ANZ, cyber news, cybercrime, fraud, social engineering, Tech Scam /

Desperate Perth Renters Targeted by Rising Australian Housing Scam 2026-02-02 at 15:39 By Ashish Khaitan For many residents in Perth, finding a rental has become a high-stakes challenge. As demand for housing surges, a troubling trend has just been revealed. An Australian housing scam preying on renters who are willing to stretch every dollar to secure a

Desperate Perth Renters Targeted by Rising Australian Housing Scam Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

browser, Chrome, Chrome Web Store, Don't miss, enterprise, extension, Hot stuff, Huntress, Microsoft Edge, News, Remote Access Trojan, social engineering, Socket /

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

When the Olympics connect everything, attackers pay attention

cybersecurity, News, Palo Alto Networks, phishing, report, social engineering, threat /

When the Olympics connect everything, attackers pay attention 2026-01-19 at 09:19 By Anamarija Pogorelec Global sporting events bring a surge of network traffic, new systems, and short term partnerships. That mix draws attention from cyber threat actors who see opportunity in scale and distraction. A new Palo Alto Networks threat study on the Milan Cortina

When the Olympics connect everything, attackers pay attention Read More »

Cyber Insights 2026: Social Engineering

AI, Artificial Intelligence, cybercrime, CyberInsights2025, CyberInsights2026, social engineering /

Cyber Insights 2026: Social Engineering 2026-01-16 at 14:45 By Kevin Townsend We’ve known that social engineering would get AI wings. Now, at the beginning of 2026, we are learning just how high those wings can soar. The post Cyber Insights 2026: Social Engineering appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cyber Insights 2026: Social Engineering Read More »

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience

Artificial Intelligence, backup, cybersecurity, Don't miss, Encryption, Features, Hot stuff, Incident Response, messaging, News, Rakuten Viber, security controls, social engineering /

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience 2026-01-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and conflicts. He explains how it influences cybersecurity priorities, from encryption and abuse prevention

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience Read More »

Fake Booking.com emails and BSODs used to infect hospitality staff

Don't miss, Europe, hospitality industry, Hot stuff, Malware, News, phishing, Remote Access Trojan, Securonix, social engineering /

Fake Booking.com emails and BSODs used to infect hospitality staff 2026-01-07 at 13:06 By Zeljka Zorz Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts with phishing emails that feature room charge details in euros,

Fake Booking.com emails and BSODs used to infect hospitality staff Read More »

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure

phishing, scam, social engineering, Tech Scam /

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure 2025-12-23 at 17:22 By rohansinhacyblecom Following our earlier reporting on RTO-themed threats, CRIL observed a renewed phishing wave abusing the e-Challan ecosystem to conduct financial fraud. Unlike earlier Android malware-driven campaigns, this activity relies entirely on browser-based phishing, significantly lowering the

RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure Read More »

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns

cyberattack, exploit, Malware, phishing, Remote Access Trojan, social engineering, trojan, vulnerability /

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns 2025-12-19 at 14:43 By rohansinhacyblecom Executive Summary CRIL (Cyble Research and Intelligence Labs) has been tracking a sophisticated commodity loader utilized by multiple high-capability threat actors. The campaign demonstrates a high degree of regional and sectoral specificity, primarily targeting Manufacturing and Government organizations across

Stealth in Layers: Unmasking the Loader used in Targeted Email Campaigns Read More »

Crypto theft in 2025: North Korean hackers continue to dominate

Chainalysis, Cryptocurrency, Don't miss, Hot stuff, Insider Threat, News, North Korea, social engineering, theft /

Crypto theft in 2025: North Korean hackers continue to dominate 2025-12-18 at 17:42 By Zeljka Zorz When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto theft in 2025 revealed. “North Korean hackers stole $2.02 billion

Crypto theft in 2025: North Korean hackers continue to dominate Read More »

The collapse of trust at the identity layer

automation, cybersecurity, deepfakes, fraud, identity verification, News, Regula, report, security metrics, social engineering /

The collapse of trust at the identity layer 2025-12-02 at 07:49 By Anamarija Pogorelec Identity verification has become the latest front in the fight against industrialized fraud, according to a new report from Regula. The shift is visible across sectors that once relied on predictable verification routines. Criminals have learned to target the identity step

The collapse of trust at the identity layer Read More »

Fake “Windows Update” screens fuels new wave of ClickFix attacks

Don't miss, Hot stuff, Huntress, Malware, News, social engineering, Windows /

Fake “Windows Update” screens fuels new wave of ClickFix attacks 2025-11-25 at 15:02 By Zeljka Zorz A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything they need to slip

Fake “Windows Update” screens fuels new wave of ClickFix attacks Read More »

Doppel Raises $70 Million at $600 Million Valuation

Cybersecurity Funding, Doppel, funding, social engineering /

Doppel Raises $70 Million at $600 Million Valuation 2025-11-20 at 16:18 By Ionut Arghire The AI-native social engineering defense (SED) platform will accelerate product innovation and expand its offerings. The post Doppel Raises $70 Million at $600 Million Valuation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Doppel Raises $70 Million at $600 Million Valuation Read More »

The long conversations that reveal how scammers work

cybercrime, cybersecurity, Don't miss, fraud, Hot stuff, LLMs, messaging, News, research, scams, social engineering, WhatsApp /

The long conversations that reveal how scammers work 2025-11-19 at 09:08 By Sinisa Markovic Online scammers often take weeks to build trust before making a move, which makes their work hard to study. A research team from UC San Diego built a system that does the patient work of talking to scammers at scale, and

The long conversations that reveal how scammers work Read More »

Attackers upgrade ClickFix with tricks used by online stores

Don't miss, Hot stuff, Malware, News, Push Security, social engineering /

Attackers upgrade ClickFix with tricks used by online stores 2025-11-07 at 15:42 By Zeljka Zorz Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial

Attackers upgrade ClickFix with tricks used by online stores Read More »

Scroll to Top