Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform
Phishing uses deceptive messages to steal credentials or deliver malware, while user verification, MFA, and email filtering reduce the risk.
Search across headline titles and summaries.
Background for this topic.
Phishing is deceptive communication—by email, text, phone, or a fake website—that impersonates a trusted person or service to make someone disclose credentials, approve a transaction, reveal sensitive information, or run harmful software. Attackers use it to bypass technical controls by persuading a legitimate user to perform an action, and may target employees, customers, administrators, or suppliers.
Its impact can include account takeover, unauthorized payments, exposure of personal or business data, and access to internal systems. The most effective control for stolen-password phishing is phishing-resistant multi-factor authentication, such as hardware-backed passkeys or security keys, which binds authentication to the legitimate site. Organizations should also filter and authenticate messaging where possible, use password managers, restrict risky actions, train users to verify unusual requests through a separate channel, and provide rapid reporting so suspected credentials or sessions can be revoked.
Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform
A phishing campaign delivered through Google sponsored search results is targeting credentials for ManageWP, GoDaddy's platform for managing fleets of WordPress websites. [...]
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
Venomous#Helper attackers impersonate the US Social Security Administration to deploy signed RMM software and maintain persistent access across US networks
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.
Cybersecurity firm Kaspersky reports that the Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. [...]
The Amazon Simple Email Service (SES) is being increasingly abused, a cybersecurity company's telemetry data shows, to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. [...]
An active phishing campaign has been observed targeting multiple vectors since at least April 2025 with legitimate Remote Monitoring and Management (RMM) software as a way to establish persistent remote access to compromised hosts
This week, the shadows moved faster than the patches
The China-based cybercrime group known as Silver Fox (aka Monarch, SwimSnake, The Great Thief of Valley, UTG-Q-1000, and Void Arachne) has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor