social-engineering
189 articles with this tag
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
INFO
MEDIUM
MEDIUM
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
HIGH
HIGH
LOW
INFO
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
MEDIUM
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
INFO
HIGH
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
LOW
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
INFO
HIGH
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
CRITICAL
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
FBI warns of in-person data theft attacks from extortion gang
Fake LinkedIn emails abuse Adobe to track victims
Fjársvikarar nota gervigreind til að tala íslensku
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services
A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
Storm-2949 actor targets Microsoft 365 and Azure environments
Poland directs officials to cease Signal use amid cyberattack concerns
QR Code Phishing Surges as Attackers Shift Toward Mobile Tactics
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook
Hackers Bypass Security Tools to Target Users Directly
How Storm-2949 turned a compromised identity into a cloud-wide breach
SHub macOS infostealer variant spoofs Apple security updates
Hvalfirðingar hafna sameiningarhugmyndum við önnur sveitarfélög
Engar hópuppsagnir tilkynntar í apríl
Vara við fjársvikum þar sem talgervill talar íslensku
Fake job interviews used to deploy JobStealer malware
KongTuke hackers now use Microsoft Teams for corporate breaches
To gain root access at this company, all an intruder had to do was ask nicely
Podcast: The Chinese Deepfake Software Powering Scams
Signal adds security warnings for social engineering, phishing attacks
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Fake OpenAI repository on Hugging Face pushes infostealer malware
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
Australian Cyber Security Centre Issues Alert Over ClickFix Attacks
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
DigiCert breached via malicious screensaver file
Social Engineering Leveled Up. Has Your Security Program?
Human-centric failures: Why BEC continues to work despite MFA
Hugging Face, ClawHub Abused for Malware Distribution
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Kuse Web App Abused to Host Phishing Document
Vidar infostealer evolves, uses image files for stealthy attacks
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
Experts: Amplification of opportunistic cyberattacks central to Iran's strategy
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
BlackFile Group Targets Retail and Hospitality with Vishing Attacks
Threat actor uses Microsoft Teams to deploy new “Snow” malware
Crime crew impersonates help desk, abuses Microsoft Teams to steal your data
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks
Top techniques attackers use to infiltrate your systems today
Attackers abuse Microsoft Teams to impersonate the IT helpdesk in a new enterprise intrusion playbook
Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
ClickFix Phishing Campaign Masquerading as a Claude Installer
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
AI clickbait can turn your notifications into a scam feed
Phantom in the vault: Obsidian abused to deliver PhantomPulse RAT
The Dumbest Hack of the Year Exposed a Very Real Problem
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Fake Claude Website Distributes PlugX RAT
ClickFix campaign delivers Mac malware via fake Apple page
'Several dozen' high-value corporations hit by new extortion crew in helpdesk phishing spree
Google Warns of New Threat Group Targeting BPOs and Helpdesks
Google: New UNC6783 hackers steal corporate Zendesk support tickets
New macOS stealer campaign uses Script Editor in ClickFix attack
That “Friendly” Prompt is ClickFix
The Three-Finger Test
QR Code Scam Shows Rise of Mobile “Quishing” Attacks
Hackers make FAKE notifications
I was targeted by a fake job interview on Wellfound. Instead of becoming a victim I reverse-engineered the malware. Here's the full analysis: 571 encrypted config values decrypted, C2 and Sentry DSN exposed, DPRK/Contagious Interview attribution.
North Korean Hackers Target High-Profile Node.js Maintainers
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Dark Web Hackers for Hire: Even you are a target
Axios npm hack used fake Teams error fix to hijack maintainer account
That dream job offer from Coca-Cola or Ferrari? It’s a trap for your passwords
The democratisation of business email compromise fraud
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Don't open that WhatsApp message, Microsoft warns
ClickFix in the PhishU Framework
Weaponizing Windows Toast Notifications for Social Engineering
Weaponizing Windows Toast Notifications for Social Engineering
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
ClickFix Campaigns Targeting Windows and macOS
Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team
NICKEL ALLEY strategy: Fake it ‘til you make it
FriendlyDealer mimics official app stores to push unvetted gambling apps
The phone call is the new phishing email
Smooth criminals talking their way into cloud environments, Google says
Extended Rapid Response: Zimperium’s Zero-Day Coverage of Oblivion RAT
LeakNet ransomware: what you need to know
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
New font-rendering trick hides malicious commands from AI tools
Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
Attackers Abuse LiveChat to Phish Credit Card, Personal Data
Security Firm Executive Targeted in Sophisticated Phishing Attack
‘100 Video Calls Per Day’: Models Are Applying to Be the Face of AI Scams