Flux RSS

Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages

Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA

CISA and the Federal Bureau of Investigation released a Public Service Announcement (PSA) warning about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services targeting commercial messaging applications (CMAs). These campaigns aim to bypass encryption to compromise to individual user accounts with targets including current and former U.S. government officials, military personnel, political figures, and journalists. Evidence shows that cyber actors have been able to compromise individual CMA accounts, but not encryption of the applications themselves. The actors’ global campaigns have resulted in unauthorized access to thousands of individual CMA accounts to view the victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts. CISA and FBI urge CMA users to review the PSA, follow recommended cybersecurity practices, and remain vigilant for suspicious activity.

Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform

Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack

Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS

2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities

Malicious NuGet package mimicking Stripe's library targeted developers

Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information

CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective

A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances

A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics

New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo

Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle

Cofense claims AI is making phishing emails more personalized and sophisticated

Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF

CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers