"A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat, has been using the DNS over HTTPS (DoH) protocol to evade detection."
TLP1 : Green
"An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date."
TLP1 : Green
"Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security."
TLP1 : Green
A new threat has emerged in the form of a browser extension designed to steal your sensitive information. Pulsedive Threat Research has uncovered “Rilide,” an information stealer masquerading as a legitimate browser extension.
TLP1 : Green
"In the digital world of likes, follows, and ad conversions, a single email can unravel your entire marketing infrastructure. That’s exactly what a sophisticated phishing campaign discovered by the Cofense Phishing Defense Center (PDC) is exploiting"
TLP1 : Green
"Hunt researchers have uncovered a cyber intrusion campaign targeting South Korean organizations, utilizing a sophisticated combination of tools and techniques."
TLP1 : Green
"A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers."
TLP1 : Green
"Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code."
TLP1 : Green
"A new report from K7 Labs has uncovered a sophisticated Android banking Trojan campaign that uses the guise of a popular AI chatbot to deceive users. The malware, known as OctoV2, is being spread through deceptive websites that mimic the official Deepseek AI chatbot application."
"The BI.ZONE Threat Intelligence team has uncovered a new cyber-espionage campaign attributed to Squid Werewolf, also known as APT37, Ricochet Chollima, ScarCruft, and Reaper Group."
TLP1 : Green
