A Synthetic Conversational Smishing Dataset for Social Engineering Detection

Smishing SMS phishing has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...

AT&T breach data resurfaces with new risks for customers

When data resurfaces, it never comes back weaker. A newly shared dataset tied to AT&T shows just how much more dangerous an “old” breach can become once criminals have enough of the right details to work with. The dataset, privately circulated since February 2, 2026, is described as AT&T customer...

Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats

Paris, France, 24th October 2025, CyberNewsWire...

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don't always break systems anymore — they use...

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication NFC to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. "PhantomCard relays NFC data from a victim's banking card t...

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service MaaS offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023,...

IR Trends: Ransomware on the rise, while technology becomes most targeted sector

Business email compromise BEC and ransomware were the top threats observed by Cisco Talos Incident Response Talos IR in the second quarter of 2024, together accounting for 60 percent of engagements. Although there was a decrease in BEC engagements from last quarter, it was still a major threat fo...

Twilio's Authy App Attack Exposes Millions of Phone Numbers

Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept...

Chinese ‘Smishing Triad’ Group Targets Pakistanis with SMS Phishing

Protect yourself from Smishing attacks in Pakistan! Smishing Triad, a notorious cybercriminal group, is targeting Pakistani bank customers with fake Pakistan Post messages. Learn how to identify and avoid these scams to protect your financial information...

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection

A sophisticated phishing-as-a-service PhaaS platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send te...

Novel Smishing Kit Leverages Cloud Platform

Summary: SNS Sender, a malicious Python script that leverages AWS SNS for mass SMS spamming, presents a novel approach to cloud-based attack tools, particularly in the area of smishing. The ARDUINODAS threat actor is linked to the operation that uses this cloud capability to send out a lot of...

GoldPickaxe Trojan steals your face!

Well, the GoldPickaxe Trojan does not literally steal your face, but it does steal an image of your face in order to be able to identify as you. Researchers have found a family of Trojans, attributed to a financially motivated Chinese group, which come in versions for iOS and Android...

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS...

MoqHao Android Malware Evolves with Auto-Execution Capability

Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no...

Protecting credentials against social engineering: Cyberattack Series

Our story begins with a customer whose help desk unwittingly assisted a threat actor posing as a credentialed employee. In this fourth report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a credential phishing and smishing text-based phishin...

Protecting credentials against social engineering: Cyberattack Series

Our story begins with a customer whose help desk unwittingly assisted a threat actor posing as a credentialed employee. In this fourth report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a credential phishing and smishing text-based phishin...

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. "The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to...

Chinese Smishing Triad Gang Hits US Users in Extensive Cybercrime Attack

By Deeba Ahmed Smishing Triad Impersonating Leading Mail/Delivery Services in New Attack This is a post from HackRead.com Read the original post: Chinese Smishing Triad Gang Hits US Users in Extensive Cybercrime Attack...

Mexico-Based Hacker Targets Global Banks with Android Malware

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. The activity is being attributed to an actor codenamed NeoNet, according to...

Cybercrime Group 'Muddled Libra' Targets BPO Sector with Advanced Social Engineering

A threat actor known as Muddled Libra is targeting the business process outsourcing BPO industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. "The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the relea...