Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to…
More results...
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to…
Mozilla has issued an urgent security warning to Firefox add-on developers following the detection of a sophisticated phishing campaign targeting accounts on the Add-ons Mozilla Organization (AMO) platform. The alert, published by Scott DeVaney from Mo…
Threat actors are leveraging Microsoft 365’s Direct Send feature to launch sophisticated phishing campaigns that mimic internal organizational emails, eroding trust and heightening the success rate of social engineering exploits. This feature, de…
Researchers at zLabs have been closely monitoring the DoubleTrouble banking trojan, a rapidly evolving malware strain that has shifted its tactics to exploit unsuspecting users across Europe. Initially disseminated via phishing websites mimicking reput…
Threat actors have revived the sophisticated VIP keylogger malware, previously detailed in an earlier white paper for its use of spear-phishing and steganography to infiltrate systems and steal data from web browsers and user credentials. This iteratio…
PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email verification” to redirect users to fake package sites. PyPI warns of an active phishing attack using fake “[PyPI] Email verification” messages from noreply@pypj[.]org, aiming to lure users to spoofed PyPI sites. PyPI, short for the Python Package Index, is the official repository for Python […]
Python developers are being warned about a sophisticated phishing campaign targeting users of the Python Package Index (PyPI) through fraudulent emails and a deceptive clone of the official repository website. While PyPI’s infrastructure remains …
Cybersecurity experts have pointed to an increase in sophisticated threat actor activity following the July 27 2025 Belgian Grand Prix at Spa-Francorchamps, which takes advantage of the event’s worldwide attraction. Formula 1’s reliance on …
Cybercriminals are using a variety of dishonest tactics in a sophisticated phishing effort aimed at Facebook users in order to obtain login information. The attack begins with a malicious redirect that leads victims to a fraudulent website mimicking le…
Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million.
The post UK Student Sentenced to Prison for Selling Phishing Kits appeared first on SecurityWeek.