#phishing

[ follow ]
#cybersecurity #malware #cybercrime #data-breach #social-engineering #ransomware #scams #ai #data-theft
#social-engineering
Privacy professionals
fromSecuritymagazine
21 hours ago

FBI Warning: IT Personnel Impersonated by Cybercriminals

Silent Ransom Group targets law firms using social engineering to impersonate IT support, gain remote or physical access, and exfiltrate sensitive data quickly.
Privacy professionals
fromMail Online
1 week ago

Warning to iPhone users over 'high alert' scam stealing lifesavings

Scammers send fake “Apple high alert” texts to trick iPhone users into wiring money to fraud accounts through social engineering.
Privacy professionals
fromSecuritymagazine
21 hours ago

FBI Warning: IT Personnel Impersonated by Cybercriminals

Silent Ransom Group targets law firms using social engineering to impersonate IT support, gain remote or physical access, and exfiltrate sensitive data quickly.
Privacy professionals
fromMail Online
1 week ago

Warning to iPhone users over 'high alert' scam stealing lifesavings

Scammers send fake “Apple high alert” texts to trick iPhone users into wiring money to fraud accounts through social engineering.
more#social-engineering
#cybersecurity
fromtheregister
5 hours ago
Privacy professionals

FBI: Get to know your IT guy - extortion crews are visiting law firms pretending to be tech support

Information security
fromSecuritymagazine
6 days ago

Security Leaders Should Prepare for World Cup Scams

Cybercriminals may exploit the 2026 World Cup to launch scams, using AI and deepfakes, while employee device misuse can turn attackers into insider threats.
fromtheregister
1 week ago
Information security

Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative

Information security
fromFortune
2 weeks ago

Exclusive: Index Ventures backs Frame's $50 million bet that employees are still cybersecurity's weakest link | Fortune

AI-enabled phishing makes employees a primary attack surface, driving demand for realistic, company-specific human risk security training.
Information security
fromtheregister
3 weeks ago

Iran cybersnoops still LARPing as ransomware crooks in espionage ops

An Iranian intelligence cyber unit disguised as the Chaos ransomware gang conducted a state-sponsored espionage operation using sophisticated phishing techniques.
Privacy professionals
fromtheregister
5 hours ago

FBI: Get to know your IT guy - extortion crews are visiting law firms pretending to be tech support

Silent Ransom Group targets US law firms by impersonating IT staff and using in-person thumb-drive access to copy files for later extortion.
Information security
fromSecuritymagazine
6 days ago

Security Leaders Should Prepare for World Cup Scams

Cybercriminals may exploit the 2026 World Cup to launch scams, using AI and deepfakes, while employee device misuse can turn attackers into insider threats.
Information security
fromtheregister
1 week ago

Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative

Poland urges government officials to stop using Signal due to security risks from APT-linked social engineering and phishing that can compromise accounts and sensitive communications.
Privacy professionals
fromTechzine Global
2 weeks ago

Hackers tipped off Dutch telco Odido about its own data breach

Odido learned two days late that a February hack caused a massive customer data breach, with phishing access and delayed discovery of stolen data.
Information security
fromFortune
2 weeks ago

Exclusive: Index Ventures backs Frame's $50 million bet that employees are still cybersecurity's weakest link | Fortune

AI-enabled phishing makes employees a primary attack surface, driving demand for realistic, company-specific human risk security training.
Information security
fromtheregister
3 weeks ago

Iran cybersnoops still LARPing as ransomware crooks in espionage ops

An Iranian intelligence cyber unit disguised as the Chaos ransomware gang conducted a state-sponsored espionage operation using sophisticated phishing techniques.
more#cybersecurity
#malware
Information security
fromSecuritymagazine
21 hours ago

Windows Users Targeted in New Phishing Campaign

A phishing campaign uses purchase-order emails to deliver encrypted JavaScript that decrypts PowerShell, performs process hollowing, and downloads adaptive modules via remote C2.
Information security
fromTheregister
1 month ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.
Information security
fromSecuritymagazine
21 hours ago

Windows Users Targeted in New Phishing Campaign

A phishing campaign uses purchase-order emails to deliver encrypted JavaScript that decrypts PowerShell, performs process hollowing, and downloads adaptive modules via remote C2.
Information security
fromThe Hacker News
1 month ago

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.
Information security
fromTheregister
1 month ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.
more#malware
Information security
fromTechRepublic
19 hours ago

FBI Warns: 'Kali365' Phishing Service Targets Microsoft 365 Accounts

Kali365 phishing-as-a-service hijacks Microsoft 365 accounts by abusing device code authentication to capture OAuth tokens without passwords or additional MFA.
#cybercrime
Information security
fromSecurityWeek
13 hours ago

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

Silent Ransom Group impersonates IT support to gain remote access, exfiltrate data, and extort victims after phishing and social engineering attacks.
Privacy professionals
fromtheregister
1 week ago

Crook leaks 468k+ records, claims they pwned Portugal's postal carrier

Parcel tracking codes and personal details in a CTT-related leak can enable highly convincing phishing emails and SMS messages.
Information security
fromThe Hacker News
3 weeks ago

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

A China-based cybercrime group is targeting organizations in Russia and India with a new malware called ABCDoor via phishing emails.
Information security
fromSecurityWeek
13 hours ago

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

Silent Ransom Group impersonates IT support to gain remote access, exfiltrate data, and extort victims after phishing and social engineering attacks.
Privacy professionals
fromtheregister
1 week ago

Crook leaks 468k+ records, claims they pwned Portugal's postal carrier

Parcel tracking codes and personal details in a CTT-related leak can enable highly convincing phishing emails and SMS messages.
Information security
fromThe Hacker News
3 weeks ago

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

A China-based cybercrime group is targeting organizations in Russia and India with a new malware called ABCDoor via phishing emails.
more#cybercrime
UK politics
fromtheregister
1 day ago

Experts pour cold borscht on Farage's Russian hack claim

Digital forensics experts say proving a hack came from Russia requires evidence beyond disguised email sources or non-unique malware code.
Information security
fromSecurityWeek
1 day ago

Iranian APT Targets Aviation, Software Companies With Updated Tools

Nimbus Manticore updated phishing and payload execution methods, using AppDomain hijacking and new backdoors to target aviation and software organizations.
Information security
fromThe Hacker News
2 days ago

Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

A poisoned VS Code extension led to GitHub repository exfiltration, showing evolving software supply chain threats and smarter phishing and botnet activity.
#ghostwriter
Information security
fromThe Hacker News
5 days ago

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Ghostwriter targets Ukrainian government organizations using Prometheus-themed phishing lures, delivering JavaScript that writes encrypted payloads, collects system data, and runs Cobalt Strike.
Information security
fromThe Hacker News
1 week ago

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter/FrostyNeighbor conducts persistent, adaptive cyber operations against Eastern European government targets using evolving malware, phishing, and credential abuse.
Information security
fromThe Hacker News
5 days ago

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Ghostwriter targets Ukrainian government organizations using Prometheus-themed phishing lures, delivering JavaScript that writes encrypted payloads, collects system data, and runs Cobalt Strike.
Information security
fromThe Hacker News
1 week ago

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter/FrostyNeighbor conducts persistent, adaptive cyber operations against Eastern European government targets using evolving malware, phishing, and credential abuse.
more#ghostwriter
Information security
fromtheregister
5 days ago

FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale

Stolen Microsoft OAuth tokens from phishing kits can bypass MFA and grant attackers access to email and Teams accounts without credentials.
#data-breach
Privacy professionals
fromTechRepublic
4 weeks ago

ADT Confirms Major Data Breach Exposing Millions of Names, Partial SSNs

ADT's home security systems were not compromised, but customer data including names and partial Social Security numbers was exposed in a data breach.
fromEngadget
1 month ago
France news

France's national agency for managing IDs and passports suffered a data breach last week

Privacy professionals
fromTechCrunch
1 month ago

Booking.com confirms hackers accessed customers' data | TechCrunch

Hackers accessed Booking.com customers' personal data, including names, emails, and booking details, prompting notifications to affected users.
Privacy professionals
fromTheregister
1 month ago

Booking.com warns of possible reservation data exposure

Booking.com warns customers of potential data exposure due to unauthorized access, affecting reservation details but not financial information.
Information security
fromSecuritymagazine
1 week ago

Should Customers Worry About the 7-Eleven Data Breach?

Unauthorized access exposed franchise application information stored in 7-Eleven systems, potentially including names and addresses, with other elements unconfirmed.
Privacy professionals
fromtheregister
2 weeks ago

BWH Hotels guests warned after reservation data checks out with cybercrooks

BWH Hotels reported a third-party breach exposing guest contact and reservation data from October 2025 to April 2026, with no payment details involved.
Privacy professionals
fromTechRepublic
4 weeks ago

ADT Confirms Major Data Breach Exposing Millions of Names, Partial SSNs

ADT's home security systems were not compromised, but customer data including names and partial Social Security numbers was exposed in a data breach.
France news
fromEngadget
1 month ago

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.
Privacy professionals
fromTechCrunch
1 month ago

Booking.com confirms hackers accessed customers' data | TechCrunch

Hackers accessed Booking.com customers' personal data, including names, emails, and booking details, prompting notifications to affected users.
Privacy professionals
fromTheregister
1 month ago

Booking.com warns of possible reservation data exposure

Booking.com warns customers of potential data exposure due to unauthorized access, affecting reservation details but not financial information.
more#data-breach
Privacy professionals
fromSecurityWeek
1 week ago

B1ack's Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards

4.6 million stolen credit card records were released for free, containing full card details and likely enabling illicit payment fraud.
Podcast
fromWGB
1 week ago

PlayStation Podcaster Colin Moriarty Loses PSN Account Due To Ongoing Security Hole

A PlayStation account was hacked without phishing, with email flooding, email change, and 2FA disabled, followed by a warning message to a co-host.
Information security
fromThe Hacker News
1 week ago

How to Reduce Phishing Exposure Before It Turns into Business Disruption

Early phishing detection turns uncertain exposure into evidence, speeds response, and prevents one click from escalating into account compromise, remote access, or disruption.
fromWIRED
1 week ago
Information security

Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording

Stolen iPhones enable phishing targeting contacts, while cyberattacks, drone experiments, maritime blockades, and insider sabotage expand security risks.
fromnews.bitcoin.com
1 week ago

Ripple's Schwartz Warns XRP Users to Stay Safe From Giveaway Scams

SCAM ALERT: There has been a huge escalation lately in airdrop and giveaway scams targetting XRPL users lately. Any such posts you see are likely scams. Ripple-linked fraud warnings in recent months have also covered phishing operations targeting XRP holders through fake verification requests and malicious wallet prompts. Some schemes encouraged users to connect wallets or submit sensitive recovery information through unofficial channels masquerading as trusted XRP resources.
Information security
Information security
fromWIRED
1 week ago

Your iPhone Gets Stolen. Then the Hacking Begins

Cybercrime services sell iPhone unlocking tools and phishing technology, enabling resale of unlocked, wiped devices and driving rapid growth in related phishing domains.
#credential-theft
Information security
fromSecurityWeek
2 weeks ago

Over 500 Organizations Hit in Years-Long Phishing Campaign

Operation HookedWing has stolen over 2,000 credentials from 500+ organizations using long-running, adaptive phishing infrastructure and targeted lures across many sectors.
Information security
fromThe Hacker News
3 weeks ago

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

A large-scale credential theft campaign targeted over 35,000 users using legitimate email services and code of conduct-themed lures.
Information security
fromSecurityWeek
2 weeks ago

Over 500 Organizations Hit in Years-Long Phishing Campaign

Operation HookedWing has stolen over 2,000 credentials from 500+ organizations using long-running, adaptive phishing infrastructure and targeted lures across many sectors.
Information security
fromThe Hacker News
3 weeks ago

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

A large-scale credential theft campaign targeted over 35,000 users using legitimate email services and code of conduct-themed lures.
more#credential-theft
#icloud
Apple
fromFast Company
2 weeks ago

If you see this iCloud message on your iPhone, don't click it-it's a scam

Phishing messages impersonate Apple to trick iPhone users into clicking links that steal Apple ID and payment details or deliver malware.
Apple
fromFast Company
2 weeks ago

If you see this iCloud message on your iPhone, don't click it-it's a scam

Phishing messages impersonate Apple to trick iPhone users into clicking links that steal Apple ID and payment details or deliver malware.
more#icloud
Information security
fromMedium
3 weeks ago

Unmasking SHub Stealer: A Deep Dive into a Sophisticated macOS Info-Stealer Masquerading as GitHub...

A phishing page mimics GitHub Desktop for macOS and uses an obfuscated Terminal command to deliver an aggressive macOS information stealer.
Information security
fromTechRepublic
3 weeks ago

New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch

Meta patched two WhatsApp vulnerabilities affecting iOS, Android, and Windows users, enhancing security against risky files and links.
Information security
fromTechCrunch
3 weeks ago

OpenAI announces new advanced security for ChatGPT accounts, including a partnership with Yubico | TechCrunch

OpenAI launched Advanced Account Security with Yubico to enhance protection against phishing for ChatGPT users.
#robinhood
Deliverability
fromTechRepublic
4 weeks ago

Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails

Robinhood users received phishing emails that appeared legitimate, exploiting a flaw in the account creation process to steal login credentials.
Deliverability
fromSecurityWeek
4 weeks ago

Robinhood Vulnerability Exploited for Phishing Attacks

Cybercriminals exploited Robinhood's account creation process to send phishing emails, but no personal information or funds were compromised.
Deliverability
fromTechRepublic
4 weeks ago

Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails

Robinhood users received phishing emails that appeared legitimate, exploiting a flaw in the account creation process to steal login credentials.
Deliverability
fromSecurityWeek
4 weeks ago

Robinhood Vulnerability Exploited for Phishing Attacks

Cybercriminals exploited Robinhood's account creation process to send phishing emails, but no personal information or funds were compromised.
more#robinhood
Germany politics
fromThe Local Germany
1 month ago

Germany launches spying probe into Signal attacks targeting MPs

German prosecutors investigate phishing attacks on lawmakers, linked to Russia, highlighting the need for vigilance against espionage threats.
Information security
fromInfoWorld
1 month ago

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.
Deliverability
fromSecurityWeek
1 month ago

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.
Information security
fromZDNET
1 month ago

The shadowy SIM farms behind those incessant scam texts - and how to stay safe

SIM farms are used by cybercriminals for financial fraud, spam, phishing, and online product scalping.
Information security
fromSecurityWeek
1 month ago

Dozens of Malicious Crypto Apps Land in Apple App Store

Over two dozen fake cryptocurrency apps targeting iOS users have been found in the Apple App Store, aimed at stealing recovery phrases and private keys.
Information security
fromTechRepublic
1 month ago

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Hackers exploit Android's overlay feature to capture PINs and monitor user interactions across over 800 apps using banking trojans.
fromSecurityWeek
1 month ago

British Scattered Spider Hacker Pleads Guilty in the US

Buchanan admitted to conducting SMS phishing attacks, bombarding a victim company's employees with hundreds of messages linking to phishing sites designed to harvest credentials and personally identifiable information (PII).
Privacy professionals
Information security
fromTheregister
1 month ago

Prompt injection proves AI models are gullible like humans

Prompt injection attacks exploit AI systems, similar to phishing, by embedding malicious instructions that the AI executes instead of treating as content.
Information security
fromTechzine Global
1 month ago

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.
Information security
fromTechCrunch
1 month ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.
Privacy professionals
fromTechCrunch
1 month ago

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.
Deliverability
fromZDNET
1 month ago

How a burner email can protect your inbox - setting one up one is easy and free

A burner email address protects against spam and phishing by providing a temporary, disposable option for account creation.
#scam
NYC politics
fromHoodline
1 month ago

Brooklyn Drivers Slammed With Scam 'Enforcement Action' Texts, NYPD Warns

Brooklyn drivers are targeted by a scam text claiming enforcement action, urging immediate payment to avoid penalties.
NYC politics
fromHoodline
1 month ago

Brooklyn Drivers Slammed With Scam 'Enforcement Action' Texts, NYPD Warns

Brooklyn drivers are targeted by a scam text claiming enforcement action, urging immediate payment to avoid penalties.
more#scam
Information security
fromFortune
1 month ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.
Cryptocurrency
fromnews.bitcoin.com
1 month ago

Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT

A coordinated theft involved phishing tactics, rapid asset transfers, and laundering of approximately $1.8 million in ether through decentralized protocols.
[ Load more ]