Skip to Content

Updated on 2022-12-20: Crypto users claim Gemini email leak occurred much earlier than first reported On 14 Dec, Cointelegraph brought forward revelations about the leak of 5.7 million customer email addresses and partial phone numbers from Gemini crypto exchange. Shortly after, it says multiple users reached out alleging that the leak, which Gemini attributes to …

Read More about Gemini leak

Updated on 2022-12-15 Some threat actors uploaded 144,294 phishing-related packages on open-source repositories, including NuGet (136,258), npm (212), and PyPI (7,894), posing supply chain risks. Read more: HOW 140K NUGET, NPM, AND PYPI PACKAGES WERE USED TO SPREAD PHISHING LINKS Overview: Phishing campaign floods package repositories Checkmarx and Illustria published a joint report on a …

Read More about Phishing campaign floods package repositories

Updated on 2022-12-12: MuddyWater APT Deep Instinct researchers have a report out on a recent spear-phishing campaign carried out by the MuddyWater Iranian APT. This particular campaign was of note because of two things. First, the group used compromised corporate accounts to send out emails to their targets. Second, the final payload was Syncro, a …

Read More about MuddyWater Iranian APT

Updated on 2022-12-06 A financially-motivated threat actor, tracked as Scattered Spider, has been targeting telcos and BPO firms and reversing defense mitigations, reported Crowdstrike. Read more: Sneaky hackers reverse defense mitigations when detected Overview: New Scattered Spider group targets telcos for SIM swapping attacks Please be aware that due to a certificate rotation on our …

Read More about New Scattered Spider group targets telcos for SIM swapping attacks

Updated on 2022-11-23 A crypto-stealing phishing campaign is abusing Microsoft Azure Web Apps service to evade MFA and steal cryptocurrencies from Coinbase, KuCoin, Metamask, and Crypto.com accounts. Read more: Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat Overview: 2FA-bypass phishing campaign PIXM researchers said they are tracking a sophisticated phishing campaign that …

Read More about 2FA-bypass phishing campaign

Updated on 2022-11-23 Unit 42 connected the Luna Moth/Silent Ransom Group with multiple callback phishing extortion campaigns targeting businesses in various sectors, including retail and legal. Read more: Threat Assessment: Luna Moth Callback Phishing Campaign Updated on 2022-11-22 Unit42 researchers have a report out on Luna Moth (aka Silent Ransom Group), a threat actor that …

Read More about Luna Moth aka Silent Ransom Group

Updated on 2022-11-06: Dropbox phishing attack exposed some GitHub-stored code Cloud giant Dropbox confirmed a data breach this week affecting its development environment. Dropbox said in a post-mortem that no customer data, content, passwords or payment info was taken. While limited in nature and contained, the disclosure explains what went wrong and why. (Yes, even …

Read More about Dropbox phishing attack exposed some GitHub-stored code

Updated on 2022-10-17 There’s a new phishing framework called Caffeine that includes tons of professional features, including a nice UI, enterprise campaigns, self-service for tooling swaps, redirect page management, dynamically generated URLs, and campaign click metrics. Read more: CAFFEINE: A ‘READILY ACCESSIBLE’ PHISHING-AS-A-SERVICE PLATFORM Updated on 2022-10-11 Mandiant researchers have published a report documenting the …

Read More about Caffeine PhaaS

Updated on 2022-09-23: Phishing Campaign Targets GitHub and CircleCI Users A phishing campaign is targeting customers of GitHub and the CircleCI continuous integration and delivery platform in an attempt to harvest account credentials. Both companies have notified their customers bout the malicious emails. Note It appears that there has been a significant increase in phishing …

Read More about GitHub and CircleCI phishing campaign
Ads Blocker Image Powered by Code Help Pro

Your Support Matters...

We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.