More results...
Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting (XSS) and server-side request forgery (SSRF) attacks. These vulnerabilities, often overlooked in web a…
Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting (XSS) and server-side request forgery (SSRF) attacks. These vulnerabilities, often overlooked in web a…
Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business Email Compromise (BEC) threat actor, dubbed TA2900, actively targeting individuals in France and occasionally Canada. This actor employs sophisticat…
Threat actors are increasingly leveraging Google Forms, the tech giant’s widely-used form and quiz-building tool, to orchestrate sophisticated phishing and malware distribution campaigns. Since its launch in 2008, Google Forms has captured nearly 50% o…
A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain TLS certificates for high-profile domains, including Alibaba Cloud’s aliyun.com, researchers revealed this week. The certificate authori…
A new variant of the FOG ransomware has been identified, with attackers exploiting the name of the Department of Government Efficiency (DOGE) to mislead victims. This operation, which came to light through the analysis of nine malware samples uploaded …
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious endeavors. Email bombing, known also as a “spam bomb,” involves flooding a target’s email inbox with a massive volume of …
‘PoisonSeed’ phishing campaign targets CRM and bulk email providers to distribute “crypto seed phrase” messages.
The post CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign appeared first on SecurityWeek.
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how threat actors are leveraging fake recruitment emails to distribute malicious payloads. The attackers impersonated Dev.to, a prominent developer…
A sophisticated phishing campaign, dubbed “PoisonSeed,” has been identified targeting customer relationship management (CRM) and bulk email providers to facilitate cryptocurrency-related scams. The threat actors behind this campaign are lev…