Scammers have begun impersonating outreach from Google’s “Careers” division to trick targets into giving away their credentials. According to a Sublime Security finding, the attackers are sending messages that appear to come from Google’s recruiting team — asking “Are you open to talk?” — and take victims through a fake booking process that lands them…
Category: Phishing, Security
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Exploits, Global Security News, Phishing, Security
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
A fast-evolving Android spyware campaign known as “ClayRat,” initially targeting Russian users but now spreading far beyond, has produced more than 600 samples and 50 droppers in just three months. According to Zimperium’s Zlabs observations, ClayRat is distributed via phishing sites and Telegram channels posing as popular apps such as TikTok, YouTube, and Google Photos,…
Global Security News, Phishing, Security
Cybercrooks faked Microsoft OAuth apps for MFA phishing
Threat actors have cooked up a clever way to slip past multifactor authentication (MFA), tricking users into approving fake app access requests that impersonate trusted brands. According to Proofpoint findings, attackers are crafting fake Microsoft OAuth apps that mimic trusted brands, like SharePoint and DocuSign, to dupe users and swipe their credentials. “Proofpoint has identified…
Global Security News, Phishing, Security
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Threat actors are shifting from conventional phishing tricks, which used malicious links and document macros, to benign-looking image files embedded with stealthy browser redirects. According to an Ontinue discovery, newer campaigns are using Scalable Vector Graphics (SVG) — typically harmless image formats — to sneak in obfuscated JavaScript that quietly redirects victims to malicious domains.…
Global Security News, Phishing, Security
Hacker erbeuten Salesforce-Daten mit Vishing
Salesforce-User in mehreren Branchen wurden Opfer einer gezielten Vishing-Attacke. JHVEPhoto – shutterstock.com Eine neue Welle von Cyberangriffen auf Salesforce-Kunden erfasst aktuell Unternehmen verschiedener Branchen, darunter Gastgewerbe, Einzelhandel und Bildungswesen. Die Google Threat Intelligence Group (GTIG) hat die Angreifer, die sich auf Voice-Phishing (Vishing) spezialisiert haben, als UNC6040 identifiziert. Modifizierte Salesforce-Tools als Einfallstor Berichten zufolge geben…
Exploits, Global Security News, Phishing, Security
Hackers use Vishing to breach Salesforce customers and swipe data
In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as UNC6040 by Google Threat Intelligence Group (GTIG), the threat actor group targets employees within English-speaking branches of multinational corporations to trick them into granting sensitive access or sharing…
Exploits, Global Security News, Phishing, Security
Hackers use Vishing to breach Salesforce customers and swipe data
In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as UNC6040 by Google Threat Intelligence Group (GTIG), the threat actor group targets employees within English-speaking branches of multinational corporations to trick them into granting sensitive access or sharing…
Exploits, Global Security News, Phishing, Security
Hackers use Vishing to breach Salesforce customers and swipe data
In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as UNC6040 by Google Threat Intelligence Group (GTIG), the threat actor group targets employees within English-speaking branches of multinational corporations to trick them into granting sensitive access or sharing…
Global Security News, Phishing, Security
The most effective phishing QR code is a new drug and alcohol policy supposedly from HR
Phishing emails that appear to be internal and come from the IT or HR department are the emails that trick the most users, according to KnowBe4’s Q1 2025 Phishing Report. Over 60% of emails that tricked users into clicking mentioned an internal team and almost 50% specifically mentioned HR. The subject lines that got the…
Global Security News, Phishing, Security
Darcula phishing toolkit gets AI boost, democratizing cybercrime
Enterprise security teams face an immediate escalation in phishing threats as the notorious Darcula toolkit has now started weaponizing generative AI to create highly convincing phishing pages at unprecedented speed and scale. Researchers at cybersecurity firm Netcraft detected this alarming development on April 23, documenting how the platform has evolved to enable even novice attackers…
Global Security News, Phishing, Security
PoisonSeed targets Mailchimp, Mailgun, and Zoho to phish high-value accounts
A new phishing campaign, PoisonSeed, has been targeting CRM and email providers to obtain email lists for bulk cryptocurrency spamming. Silent Push, the cybersecurity firm that uncovered the elaborate campaign, linked it to a couple of recent phishing incidents — Troy Hunt’s MailChimp attack, and Coinbase phishing email tricks — representing two legs of the…
Global Security News, Phishing, Security
New phishing campaign uses scareware to steal Apple credentials
A new phishing campaign targeting Mac systems employs scareware tactics to steal Apple IDs and passwords from unsuspecting users. Identified by LayerX Labs, the attack involves compromised websites displaying fake security warnings claiming that the user’s computer has been “compromised” and “locked,” and prompting users to enter username and password. “Apple Security Warning. MacOS has…
Global Security News, Phishing, Security
Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to authorize a malicious OAuth application. Successful execution of the Click-fix campaign, which has reportedly targeted over 12,000 GitHub repositories, can allow attackers full control over the affected accounts and codes. Cybersecurity researcher Luc4m first reported the…
Global Security News, Phishing, Security
Russian hackers turn trusted online stores into phishing pages
In a smart campaign, Russian cybercriminals are turning trusted online stores into phishing pages that capture sensitive details through convincing payment interfaces. According to a research by the cybersecurity firm Slashnext, the Russian miscreants have built a WordPress plugin, PhishWP, which creates fake payment pages that look like trusted services, such as Stripe. “WordPress is…