September 27, 2024 at 05:42AM Russian-speaking users are being targeted in a new cybercrime campaign using a commodity trojan called DCRat distributed through HTML smuggling. The technique involves embedding or retrieving the payload within HTML files, which are then propagated via bogus sites or malspam campaigns. Organizations are advised to monitor HTTP and HTTPS traffic … Read more
September 24, 2024 at 01:06PM Researchers discovered malicious code targeting French users created with the help of generative AI to distribute the AsyncRAT malware. Despite safeguards, AI-generated malware has been found in real attacks. Cybercriminals are increasingly using generative AI to produce malware, employing tactics like HTML smuggling to deliver password-protected files. This trend is … Read more
May 27, 2024 at 06:06AM Researchers have identified phishing campaigns abusing Cloudflare Workers to serve phishing sites targeting Microsoft, Gmail, Yahoo!, and cPanel Webmail users. The phishing method, called transparent phishing, utilizes Cloudflare Workers as a reverse proxy server. The attacks predominantly target Asia, North America, and Southern Europe, using HTML smuggling to deploy the … Read more
March 18, 2024 at 08:45AM A new malware campaign using bogus Google Sites and HTML smuggling to distribute the AZORult malware for information theft has been discovered by cybersecurity researchers. The campaign employs stealthy tactics to bypass security controls, with findings revealing similar techniques used in recent phishing campaigns to disseminate other malware like Agent … Read more