April 23, 2024 at 03:52PM Hackers are exploiting unpublished GitHub and GitLab comments to create convincing phishing links from legitimate open source software projects. They secretly add malware to a repository and obtain a shareable link, even if the comment is deleted. This flaw affects millions of users and can damage the credibility of the … Read more
April 22, 2024 at 03:44PM A phishing campaign targeted Nespresso’s website, exploiting a bug and evading detection by adding malicious links. It starts with a deceptive Bank of America email, tricking targets into a compromised Nespresso URL. The attackers utilize an open redirect vulnerability, bypassing security tools. The campaign consistently uses infected Nespresso URLs and … Read more
February 20, 2024 at 03:54PM Researchers have identified a concerning increase in the spread of banking malware through abusive use of Google Cloud Run Service. Campaigns have expanded beyond Latin America, with Cisco Talos noting an uptick in such attacks since September 2023. Malicious emails with links to threat-controlled Cloud Run Web services are used … Read more
November 21, 2023 at 06:24AM QR code-based phishing techniques, known as “quishing,” are becoming popular among cybercriminals. By embedding malicious links in QR codes, attackers can bypass spam filters and evade detection. CAPTCHAs are also being exploited in phishing attacks to mask credential-harvesting forms on fake websites. Additionally, steganography is being used to hide malicious … Read more
October 31, 2023 at 02:03PM A cyber threat actor known as “Prolific Puma” is using a link-shortening service to provide cybercriminals with .us domains, making their phishing campaigns harder to detect. Prolific Puma has generated over 75,000 unique domains in the past 18 months, evading regulations and providing criminals with shortened links that fit in … Read more
October 31, 2023 at 01:55PM APT group Arid Viper is targeting Arabic-speaking Android users with a fake dating app called Skipped. It collects sensitive user information by sharing malicious links disguised as updates. The attackers control the domains used in the campaign and have been active since April 2022. The malware can disable security notifications … Read more