-
Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security Risk in 2026: why unofficial download sources still put users at risk, and how to verify safe, official install paths before installing software.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Research from Infoblox reveals a massive Click2SMS fraud scheme using fake CAPTCHAs and back button hijacking to trick victims into sending costly international texts.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fake CAPTCHA ClickFix attack tricks users into running malicious commands, using cmdkey and regsvr32 to maintain persistence and avoid detection on Windows
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft warns of a WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access and control systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub developers face rising giveaway scams. Verify repos, links, and maintainers before acting. Avoid rushed clicks, fake rewards, and risky wallet actions.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
