-
A new phishing campaign is targeting MetaMask users with cleverly crafted emails designed to trick recipients into enabling a fake Two-Factor Authentication (2FA) setup. The lure includes a forged “security report” PDF meant to mimic a legitimate notif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New phishing activity is again abusing the Booking.com ecosystem to defraud both hotel partners and their guests, using a coordinated multi‑stage campaign that blends email, infrastructure abuse, and social engineering across email and WhatsApp. The pr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in‑app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics and fake popularity scores to lure victims into downloading malicious ZIP …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “so…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
XWorm, a multi-functional .NET‑based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The 2025 spam and phishing landscape shows a sharp rise in AI-generated lures and QR code–based “quishing,” alongside complex malware campaigns abusing cracked games and software to deliver information stealers at scale. These trends highlight how soci…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers are using Pride Month themed phishing emails to target employees worldwide, abusing trusted email platforms like SendGrid to harvest credentials.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new phishing campaign is targeting Apple Pay users, leveraging high-quality email design and social engineering to bypass security measures. Unlike typical scams that rely on poorly spelled emails and suspicious links, this campaign use…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
