New Wave of AiTM Phishing Targets TikTok for Business
Threat IntelligenceInfosecurity Magazineil y a 19 heures
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Flux RSS
— Sources secondairesIn Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline
Fuites de donnéesSecurityWeekil y a 21 heures
Other noteworthy stories that might have slipped under the radar: Heritage Bank data breach, new State Department unit tackles cyber threats, LA Metro disruptions. The post In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline appeared first on SecurityWeek.
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals
Fuites de donnéesInfosecurity Magazineil y a 4 jours
The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023
Tycoon2FA Phishing Service Resumes Activity Post-Takedown
Threat IntelligenceInfosecurity Magazineil y a 5 jours
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA
Researchers Warn of Global Surge in Fake Shipment Tracking Scams
Threat IntelligenceInfosecurity Magazineil y a 12 jours
Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform
Ericsson Breach Exposes Data of 15k Employees and Customers
Fuites de donnéesInfosecurity Magazineil y a 18 jours
Ericsson data breach affects 15k employees/customers after third-party service provider compromise
Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns
Threat IntelligenceInfosecurity Magazineil y a 22 jours
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances
Zero-Click FreeScout Bug Enables Remote Code Execution
Threat IntelligenceInfosecurity Magazineil y a 23 jours
Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction
Europol Operation Seizes LeakBase Data Breach Site
Fuites de donnéesInfosecurity Magazineil y a 23 jours
A global operation has resulted in the takedown of popular cybercrime forum LeakBase
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
Fuites de donnéesInfosecurity Magazineil y a 25 jours
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
Fuites de donnéesInfosecurity Magazineil y a 25 jours
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Threat IntelligenceInfosecurity Magazineil y a 25 jours
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack
Chrome Unveils Plan For Quantum-Safe HTTPS Certificates
Threat IntelligenceInfosecurity Magazineil y a 26 jours
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS
North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks
Fuites de donnéesInfosecurity Magazineil y a 29 jours
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group
Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
Threat IntelligenceInfosecurity Magazineil y a 30 jours
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities
Malicious NuGet Package Targets Stripe Developers
Threat IntelligenceInfosecurity Magazineil y a 31 jours
Malicious NuGet package mimicking Stripe's library targeted developers
Multifaceted Phishing Scheme Deceives Bitpanda Customers
Threat IntelligenceInfosecurity Magazineil y a 32 jours
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information
AI-powered Cyber-Attacks Up Significantly in the Last Year, Warns CrowdStrike
Threat IntelligenceInfosecurity Magazineil y a 32 jours
CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
Threat IntelligenceInfosecurity Magazineil y a 33 jours
A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances
Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA
Threat IntelligenceInfosecurity Magazineil y a 37 jours
A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal