cyber security
New SharePoint Phishing Campaigns Employing Deceptive Lick Techniques
Security analysts at CyberProof’s Security Operations Center (SOC) have identified a sharp rise in phishing campaigns leveraging Microsoft SharePoint to bypass modern detection systems.
Unlike traditional phishing attempts that rely...
cyber security
Beware of Fake Zoom Client Downloads Granting Attackers Access to Your Computer
In the wake of the COVID-19 pandemic, collaborative tools like Microsoft Teams, Zoom, and WebEx have become indispensable for remote work, enabling seamless communication...
Cyber Attack
830 Organizations Hacked via Glitch-hosted Phishing Attack Uses Telegram & Fake CAPTCHAsÂ
Netskope Threat Labs reported a staggering 3.32-fold increase in traffic to phishing pages hosted on the Glitch platform, a browser-based web development tool that...
cyber security
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate...
cyber security
SCATTERED SPIDER Hackers Target IT Support Teams & Bypass Multi-Factor Authentication
A cybercriminal group known as SCATTERED SPIDER has emerged as a formidable threat, targeting sectors like hospitality, telecommunications, finance, and retail with unprecedented sophistication.
This...
APT
APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues.
Disguised...
cyber security
HuluCaptcha: Fake Captcha Kit Tricks Users into Executing Code via Windows Run Command
Security researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed "HuluCaptcha" that covertly executes malicious code through the Windows...
Cyber Attack
Haozi’s Plug-and-Play Phishing Attack Steals Over $280,000 From Users
Netcraft security researchers have identified a significant resurgence of the Chinese-language Haozi Phishing-as-a-Service (PhaaS) operation, distinguished by its cartoon mouse mascot and frictionless cybercrime...
cyber security
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as "Dadsec."
Since...
Cyber Attack
Threat Actors Exploit Nifty[.]com Infrastructure in Sophisticated Phishing Attack
Threat actors have orchestrated a multi-wave phishing campaign between April and May 2025, leveraging the legitimate infrastructure of Niftycom, a prominent Japanese Internet Service...
Cyber Attack
UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers
The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its malicious activities, targeting government...