In late June 2025, a significant operational dump from North Korea's Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group's espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.
Telecom Fiji announced on Saturday it has launched NetSafe, a new network-based cybersecurity service for businesses delivered in partnership with telecoms software firm Allot. The NetSafe service - which was officially launched at the end of the Pacific Fiber Conference 2025 in Fiji on Thursday - leverages the Allot Secure solution to offer protection against online threats including malware attacks, ransomware, phishing attempts and malicious websites that can infect devices or attempt to...
A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unfolded in five distinct waves between August 6 and August 12, 2025, and weaponized the trusted educational platform to bypass conventional security filters. The
Defender just let two phishing mail's in to the mailbox. Online documentation isn't clear on this subject. I think it is strange that it is not allowed to change this policy. submitted by /u/Major-Manager998 [link] [comments]
Research shows financial institutions experience up to 300 times more cyberattacks than other sectors, with large banks reporting 45% of employees susceptible to phishing attacks KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, has released its latest research paper "Financial Sector Threats Report," uncovering critical insights into...
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities. "Initial access is achieved through spear-phishing emails," CYFIRMA said. "Linux BOSS environments are targeted via weaponized .desktop
A sophisticated credential harvesting campaign has emerged, exploiting the trusted reputation of SendGrid to deliver phishing emails that successfully bypass traditional email security gateways. The attack leverages SendGrid's legitimate cloud-based email service platform to create authentic-looking communications that target unsuspecting users across multiple organizations. The campaign employs a multi-faceted approach, utilizing three distinct email themes
Phishing has always been about deceiving people. But in this campaign, the attackers weren't only targeting users; they also attempted to manipulate AI-based defenses. This is an evolution of the Gmail phishing chain I documented last week. That campaign relied on urgency and redirects, but this one introduces hidden AI prompts designed to confuse automated
submitted by /u/anuraggawande [link] [comments]
Phishing isn't what it used to be. It's no longer fake emails with bad grammar and sketchy links. With AI, modern phishing attacks have become slicker, more convincing, and dangerously...
Your team's ability to identify phishing attempts in their inboxes has the potential to make or break your entire security posture, which is why having an effective training program in...
submitted by /u/digicat [link] [comments]
What would be your detailed approach in safely investigating a phishing site if automated tools like urlscan.io or virustotal are not available? How would you analyze the actual contents of the site and determine that it's a phishing site? submitted by /u/DancingKodan [link] [comments]
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up. "The payload isn't hidden inside the file content or a macro, it's encoded directly
A sophisticated South Asian Advanced Persistent Threat (APT) group has been conducting an extensive espionage campaign targeting military personnel and defense organizations across Sri Lanka, Bangladesh, Pakistan, and Turkey. The threat actors have deployed a multi-stage attack framework combining targeted phishing operations with novel Android malware to compromise the mobile devices of military-adjacent individuals. The
submitted by /u/digicat [link] [comments]
submitted by /u/digicat [link] [comments]
Cybersecurity researchers have observed a surge in phishing campaigns leveraging QR codes to deliver malicious payloads. This emerging threat, often dubbed "quishing," exploits the opaque nature of QR codes to conceal harmful URLs that redirect victims to credential-harvesting sites or malware downloads. Unlike traditional phishing links that can be flagged by email gateways, QR codes