The group that it was making available for download emails and other documents from Patel’s account. The post Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account appeared first on SecurityWeek.
Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA
Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform
Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances
Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities
Malicious NuGet package mimicking Stripe's library targeted developers
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information
CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective
A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances
A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal
Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle
Cofense claims AI is making phishing emails more personalized and sophisticated
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers