Tag Archives: phishing

We set out to craft the perfect phishing scam. Major AI chatbots were happy to help.  Reuters AI Chatbots Are Fueling A New Wave Of Digital Scams  Finimize SpamGPT Cybercrime Toolkit Enables Large-scale Automated Phishing Campaigns In 2025  Dataconomy AI Service for Cyberattacks Emerges on the Dark Web  ForkLog We set out to craft a phishing scam. AI chatbots were happy to help  MarketScreener Source …

A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers such as Okta. The platform uses adversary-in-the-middle (AitM) tactics to steal credentials, multi-factor authentication (MFA) codes, and session cookies in real time. VoidProxy was discovered by Okta Threat Intelligence researchers, who describe it as scalable, evasive, and sophisticated. The …

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing  The Hacker News APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files  CYFIRMA APT36 hackers abuse Linux .desktop files to install malware in new attacks  BleepingComputer Pakistani Hackers Back at Targeting Indian Government Entities  SecurityWeek Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign  Security Affairs Source link

Phishing has always been about deceiving people. But in this campaign, the attackers weren’t only targeting users; they also attempted to manipulate AI-based defenses. This is an evolution of the Gmail phishing chain documented by Anurag last week. That campaign relied on urgency and redirects, but this one introduces hidden AI prompts designed to confuse automated analysis. According to Anurag’s …

Scammers are relentless in their pursuit of your personal information, from login credentials to credit card numbers, and one of the latest schemes targets Facebook users (again), this time in an attempt to open an ongoing line of communication that they can exploit over time. Malwarebytes Labs has identified a login phishing scam nearly identical to the one I recently …

A crypto user lost $908,551 to a wallet-draining scam 458 days after unknowingly signing a malicious approval transaction, onchain data shows. The attack originated from an ERC-20 approval transaction — likely signed via a phishing site or fake airdrop — that gave the scammer’s wallet, “0x67E5Ae,” ongoing permission to access the victim’s funds. The scammer — linked to the notorious …

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse  The Hacker News Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack  BleepingComputer ‘PoisonSeed’ Attacker Skates Around FIDO Keys  Dark Reading | Security Phishers have found a way to downgrade—not bypass—FIDO MFA  Ars Technica New PoisonSeed Attack Let Attackers Trick Users into Scanning a QR Code with an MFA Authenticator  CyberSecurityNews Source …

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency wallets. In the recent phishing …

Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Such an attack leverages indirect prompt injections that are hidden inside an email and obeyed by Gemini when generating the message summary.  Despite similar prompt attacks being reported …