Serverless Phishing Kit on GitHub Targets Mexican Banks
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials
Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes
IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse
New phishing method targets high-value accounts using real-time email validation
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes
A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials