Fake npm Website Used to Push Malware via Stolen Token
Fake npm website used in phishing attack to steal maintainer token, leading to malware in popular JavaScript packages like eslint-config-prettier.
Scam
Chinese Groups Launder $580M in India Using Fake Apps and Mule Accounts
CloudSEK’s new report uncovers how Chinese cyber syndicates are laundering over $600 million annually in India. Learn about…
PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
PoisonSeed group tricks users into bypassing FIDO Keys by misusing QR code logins, highlighting new social engineering risk to secure MFA.
Fake Telegram Apps Spread via 607 Domains in New Android Malware Attack
Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users.
UK Pet Owners Targeted by Fake Microchip Renewal Scams
Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info.
Denmark Moves Toward AI Copyright Rules for Voice and Appearance
Denmark introduces new AI Copyright Rules to ban non-consensual deepfakes, giving citizens legal control over their face, voice and digital likeness.
New Fake Marketplace From China Mimics Top Retail Brands for Fraud
Silent Push exposes thousands of fake e-commerce websites spoofing major brands like Apple and Michael Kors. Learn how this Chinese phishing scam targets shoppers and steals financial data, impacting global consumers.
Scammers Use Microsoft 365 Direct Send to Spoof Emails Targeting US Firms
Scammers are exploiting Microsoft 365 Direct Send to spoof internal emails targeting US firms bypassing security filters with…
New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare
Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection.
Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams
Tech support scammers are using sponsored ads and search parameter injection to trick users into calling them.
The post Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams appeared first on SecurityWeek.