Lucene search
K

4 matches found

Microsoft Secure
Microsoft Secure
added 2026/05/04 3:0 p.m.17 views

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

In this article 1. Multi-step social engineering campaign leading to credential theft 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Hunting queries 5. Indicators of compromise Phishing campaigns continue to improve sophistication and refinement in blending social...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/29 9:44 a.m.6 views

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft. The activity, which involved uploading 27 npm packages from six differen...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/01/30 3:56 p.m.13 views

Microsoft advertisers phished via malicious Google ads

Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft advertisers. These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/01 1:0 p.m.195 views

Kimsuky APT continues to target South Korean government using AppleSeed backdoor

This blog post was authored by Hossein Jazi. The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North Korean threat actor that has been active since 2012. The group conducts cyber espionage operations to target government entities mainly in South Korea. On December...

7.5AI score
Exploits0
Rows per page
Query Builder