Nearly 300 GitHub repos pose as legit software to push malware
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [...]
Impersonation attacks mimic trusted people or services to trick users into sharing credentials, sending money, or bypassing security controls.
Search across headline titles and summaries.
Background for this topic.
Impersonation is the deliberate presentation of a person, organization, account, device, or service as another trusted identity. In information security, attackers use stolen credentials, look-alike domains, caller-ID or email spoofing, forged messages, and social engineering to persuade users or systems to accept that false identity. The aim may be account takeover, unauthorized access, fraudulent transactions, or disclosure of sensitive information.
Impersonation commonly targets identity providers, email and messaging systems, help desks, executives, suppliers, and customer-support channels. Useful controls include phishing-resistant multi-factor authentication, least-privilege access, email authentication and domain monitoring, and independent verification of unusual requests—especially changes to payment details or credentials. Detection and response depend on examining authentication logs, device and session context, reported fraudulent messages, and newly registered look-alike domains; compromised accounts should be revoked or reset promptly and impersonated parties notified where appropriate.
Weekly headline count for the current query.
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [...]
Specops Software explains how AI is making service desk impersonation attacks more convincing, personalized, and scalable, along with practical steps organizations can take to strengthen onboarding and identity verification. [...]
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals. [...]
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. [...]
A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate response workflows. [...]
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new malware called NarwhalRAT
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations
Telegram-based 'Outsider Enterprise' accused of sending millions of scam texts and impersonating trusted brands
Victims Increasingly Face Multiple Compromises From a Single IncidentIdentity theft scams are increasingly unfolding as coordinated, AI-assisted attack chains that begin with phishing or impersonation escalate into account takeovers, device compromise and broader fraud, according to the Identity Theft Resource Center.
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS) and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework
Hacking voting machines is so 2017. Phishing, impersonation pose the real election risks
Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems
The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. [...]
Most malicious open source packages now mimic real code rather than rely on typosquatting
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026