Okta Under Attack as Hackers Skip Phishing for Identity Systems

Hackers are shifting away from email phishing and are directly targeting Okta and other identity providers using voice‑based social engineering, or “Okta vishing.” This trend turns what used to be a single account compromise into an immediate, organiza…

·

cyber security, Cyber Security News, Phishing

¶¶¶¶¶

GitHub and Jira Alerts Hijacked for Trusted-SaaS Phishing

Hackers are abusing GitHub and Jira’s built‑in notification systems to send phishing emails that appear completely legitimate. Because these emails are sent from the platforms’ own mail servers, they pass standard checks like SPF, DKIM, and DMARC, maki…

·

cyber security, Cyber Security News, Phishing

¶¶¶¶¶

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures

OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

·

Cyber Attack, cybersecurity, Google Workspace, Linux Foundation, Malware, OpenSSF, Phishing, Phishing Scam, SCAM, Scams and Fraud, Security, Slack

¶¶¶¶¶

FBI Atlanta and Indonesian National Police Take Down W3LLSTORE Phishing Marketplace

FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.

·

Cyber Crime, FBI, FBI Atlanta, Fraud, Indonesia, Indonesian National Police, Microsoft 365, Phishing, Phishing Kit, Phishing Scam, SCAM, W3LLSTORE

¶¶¶¶¶

GitHub, GitLab Abused for Malware and Phishing Campaigns

Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive detection significantly harder for enterprises. Because these Git-based platforms are deeply i…

·

cyber security, Cyber Security News, GitHub, GitLab, Malware, Phishing

¶¶¶¶¶

New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT

A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google D…

·

cyber security, Cyber Security News, Phishing

¶¶¶¶¶

Meta Business Alerts Abused for Phishing Campaigns

Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing trusted Meta infrastructure, attackers make their messages appear authentic while quietly fu…

·

cyber security, Cyber Security News, Phishing

¶¶¶¶¶

Threat Actors Exploit LogMeIn Resolve, ScreenConnect in Phishing Campaigns

Threat actors are abusing legitimate remote monitoring and management (RMM) tools LogMeIn Resolve and ScreenConnect in a multi‑stage phishing campaign that blends social engineering, living‑off‑the‑land techniques, and stealthy information‑stealing mal…

·

cyber security, Cyber Security News, Phishing

¶¶¶¶¶

Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins

New Phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords.

·

Cofense, Cyber Attack, cybersecurity, Iran, Israel, Phishing, QR Code, SCAM, Scams and Fraud, Security, USA

¶¶¶¶¶

North Korea Uses GitHub as C2 in New LNK Phishing Campaign

A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North…

·

cyber security, Cyber Security News, GitHub, Phishing

¶¶¶¶¶

1010.cx

1010.cx

Category: Phishing