Phishing Campaign Hides Lua Loader as TrueType Font File
Global phishing campaign disguised a Lua loader as a font file to deploy RATs and infostealers
Phishing uses deceptive messages to steal credentials or deliver malware, while user verification, MFA, and email filtering reduce the risk.
Search across headline titles and summaries.
Background for this topic.
Phishing is deceptive communication—by email, text, phone, or a fake website—that impersonates a trusted person or service to make someone disclose credentials, approve a transaction, reveal sensitive information, or run harmful software. Attackers use it to bypass technical controls by persuading a legitimate user to perform an action, and may target employees, customers, administrators, or suppliers.
Its impact can include account takeover, unauthorized payments, exposure of personal or business data, and access to internal systems. The most effective control for stolen-password phishing is phishing-resistant multi-factor authentication, such as hardware-backed passkeys or security keys, which binds authentication to the legitimate site. Organizations should also filter and authenticate messaging where possible, use password managers, restrict risky actions, train users to verify unusual requests through a separate channel, and provide rapid reporting so suspected credentials or sessions can be revoked.
Weekly headline count for the current query.
Global phishing campaign disguised a Lua loader as a font file to deploy RATs and infostealers
Six-month phishing campaign used seasonal eCard lures to plant legitimate RMM tools on victims
Research of incidents by Sophos finds that phishing, brute force attacks and other identity-based threats have surpassed software vulnerabilities as means of delivering ransomware
Misconfigured server exposed three phishing operators running Evilginx forks to bypass MFA
Attacks also used a compromised chatbot in campaign to steal sensitive information from Business Users
Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
The FBI claims Russian spies are targeting Signal backup keys
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation
Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats
Meta’s WhatsApp demands contempt ruling after users report NSO Group-linked phishing
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI
Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform