More results...
The cybercriminals attempted to steal $28 million from compromised bank accounts through phishing.
The post Feds Seize Password Database Used in Massive Bank Account Takeover Scheme appeared first on SecurityWeek.
A popular phone call/voicemail scam (i.e., vishing) involves someone calling you, claiming to be law enforcement with a warrant for your arrest, and then offers you an opportunity to avoid arrest by paying the “fine.”
Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted highly targeted phishing campaigns that masquerade a…
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting user…
Phishing campaign: Scammers sent over 40,000 spoofed SharePoint, DocuSign and e-sign emails to companies, hiding malicious links behind trusted redirect services.
A sophisticated phishing toolkit dubbed “Spiderman” has emerged as a significant threat to European banking customers, enabling cybercriminals to create convincing fake login pages for dozens of financial institutions with just a few clicks…
Varonis threat analysts warn about Spiderman, a dangerous new kit that automates attacks against European banks and crypto customers, stealing a victim’s full identity profile.
Infoblox Threat Intel reports a campaign that used the Evilginx phishing kit to bypass Multi-Factor Authentication (MFA) and steal credentials from 18 US universities between April and November 2025.
A sophisticated phishing campaign is targeting users through Microsoft Teams notifications, exploiting the platform’s trusted status to deliver deceptive messages that appear legitimate to both recipients and email security filters. Threat actors…