Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins

A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials...

Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets

SafeBreach reports the resurgence of the Iranian APT group Prince of Persia Infy. Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada...

ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots

A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific APAC. According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration...

MAL-2025-4186 Malicious code in node-telegram-bots-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 855eef79389ff9b44946f9ab78bd1c5458c090ebc43c875626786bb46280763a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in node-telegram-bots-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 855eef79389ff9b44946f9ab78bd1c5458c090ebc43c875626786bb46280763a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots

The New Snake Keylogger variant targets Windows users via phishing emails, using AutoIt for stealth. Learn how it…...

MAL-2025-1444 Malicious code in telegram-bots (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce26b83a8f4eda763f723d82a057158e8b6265de39b789ca17e5d38884401cf8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in telegram-bots (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce26b83a8f4eda763f723d82a057158e8b6265de39b789ca17e5d38884401cf8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign,...

The Telegram phishing market

Telegram has been gaining popularity with users around the world year by year. Common users are not the only ones who have recognized the messaging apps handy features — cybercrooks have already made it a branch of the dark web, their Telegram activity soaring since late 2021. The service is...

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

Adversary-in-the-middle AiTM phishing kits are part of an increasing trend that is observed supplanting many other less advanced forms of phishing. AiTM phishing is capable of circumventing multifactor authentication MFA through reverse-proxy functionality. DEV-1101 is an actor tracked by Microso...

Researchers Uncover Classiscam Scam-as-a-Service Operations in Singapore

A sophisticated scam-as-a-service operation dubbed Classiscam has now infiltrated into Singapore, more than 1.5 years after expanding to Europe. "Scammers posing as legitimate buyers approach sellers with the request to purchase goods from their listings and the ultimate aim of stealing payment...

Telegram Bots Stealing One-Time Passwords

By Waqas So far two Telegram bots called SMSRanger and BloodOTPbot have been found taking part in this malicious campaign. This is a post from HackRead.com Read the original post: Telegram Bots Stealing One-Time Passwords...

Threat Actors Weaponize Telegram Bots for ExtortionThreat Actors Weaponize Telegram Bots to Compromise PayPal Accounts

Cybercriminals are using Telegram bots to steal one-time password tokens OTPs and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found. Researchers from Intel 471 discovered the campaign, which has been operational since June,...

Telegram Bots at Heart of Classiscam Scam-as-a-Service

A new automated scam-as-a-service has been unearthed, which leverages Telegram bots in order to steal money and payment data from European victims. The scam, which researchers call Classiscam, is being sold as a service by Russian-speaking cybercriminals, and has been used by at least 40 separate...

CVE-2020-12595

creationtimestamp| type| source ---|---|--- 2020-12-10 12:33:49+00:00| seen| https://t.me/cibsecurity/18722 2020-12-10 12:41:12+00:00| seen| https://t.me/cibsecurity/18742 2020-12-10 13:25:27+00:00| seen| https://t.me/cibsecurity/18762 2020-12-10 14:03:18+00:00| seen| https://t.me/cibsecurity/187...

Masad Spyware Uses Telegram Bots for Command-and-Control

A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control C2 hub. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal...