The exploitation chain begins with a weaponized HTML Application payload called GammaPhish, which retrieves intermediate Visual Basic Script (VBScript) downloaders known as GammaLoad, according to Sekoia.
Tag: begins
Global Security News
Meta tries to get ahead of scammers before the World Cup begins
Football fans are counting down the days until the FIFA World Cup begins, and scammers are doing the same. Last week, the FBI warned that cybercriminals are spoofing FIFA websites to steal personal information, sell fake tickets, and promote fraudulent hospitality packages ahead of the tournament. With millions of supporters expected to travel to the…
AI, Global Security News
CypherLoc scareware tricks millions into identity theft traps
The CypherLoc attack begins with a phishing email containing a malicious link or attachment.
Global Security News
End‑to‑End Encrypted RCS Messaging Arrives Across iPhone and Android
Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5
AI, Global Security News
Meta Removes Law-Firm Ads Recruiting Clients to Sue It
After recent losses in trials related to social-media practices, the tech company begins taking down ads on its apps meant to attract eligible plaintiffs.
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Risk Management
Building Phishing Detection That Works: 3 Steps for CISOs
90% of attacks start with phishing. For CISOs, the real pain begins when the SOC cannot quickly tell whether a suspicious alert is just noise or the start of credential theft, account compromise, malware delivery, or wider business disruption. Modern phishing campaigns are designed to create exactly that uncertainty. QR codes, redirect chains, CAPTCHAs, phishing kits, and AI-generated lures can all hide the real objective until late…
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Risk Management
Building Phishing Detection That Works: 3 Steps for CISOs
90% of attacks start with phishing. For CISOs, the real pain begins when the SOC cannot quickly tell whether a suspicious alert is just noise or the start of credential theft, account compromise, malware delivery, or wider business disruption. Modern phishing campaigns are designed to create exactly that uncertainty. QR codes, redirect chains, CAPTCHAs, phishing kits, and AI-generated lures can all hide the real objective until late…
AI, Exploits, Global Security News
Fireside Chat: AI agents are reshaping mobile attacks — and exposing weak API trust models
SAN FRANCISCO — A new exposure is emerging in mobile security as AI begins to act on behalf of users — and attackers move to exploit that shift. Related: RSAC wrap-up—no easy fixes for AI exposures In a Fireside Chat at RSAC 2026, Approov CEO Ted Miracco described how mobile apps are starting to hand…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Why CISOs should embrace AI honeypots
The nightmare begins with our protagonist trying to find a way inside to get to the firm’s files, but every door is bolted shut. Then they spot a back entrance and they’re in, first walking, then running down one corridor, then another, and another, feeling that they’re getting ever closer to that file and a…
Global Security News, Risk Management
OpenAI’s Bid to Allow X-rated Talk Is Freaking Out Its Own Advisers
Warnings surface that the company risks creating a ‘sexy suicide coach’ if it begins allowing sexually explicit chats
Global Security News
The Evolution of Route Planning Software in a Real-Time Logistics World
GUEST OPINION: A new day begins in the logistics hub. Dispatchers brace themselves for another marathon: hundreds of orders, diverse delivery windows, shifting traffic, and customers who expect real-time status updates as the bare minimum. With every hour, the pressure mounts not just to deliver quickly but to deliver smarter.
AI, Global Security News
Deathwing reigns: Cataclysm expansion unleashed for Hearthstone’s next chapter
A new year dawns for Blizzard Entertainment’s long-running digital card battler Hearthstone – and it begins with fire, ash, and the return of one of Warcraft’s most iconic villains.
AI, Blog, CVE, CVEs, Endpoint, Exploits, Global Security News, Risk Management
CVE-2026-21858 aka Ni8mare: Critical Unauthenticated Remote Code Execution Vulnerability in n8n Platform
The surge of critical vulnerabilities shows no signs of slowing as 2026 begins. In the aftermath of the MongoBleed (CVE-2025-14847) disclosure, another critical flaw has surfaced, impacting the n8n AI workflow automation platform. Tracked as CVE-2026-21858 and dubbed Ni8mare, the flaw obtains a maximum-severity score (CVSS 10.0) and might result in granting full control over…