Phishing

A recently discovered phishing campaign is exploiting a stored cross-site scripting (XSS) vulnerability in the open-source Roundcube webmail software to steal login credentials. Threat actors are leveraging a now-patched flaw (CVE-2024-37383) via malicious emails, targeting government organizations in Commonwealth of Independent States (CIS) countries. The vulnerability, patched in May 2024, allowed attackers to execute JavaScript within victims' browsers, tricking them into revealing sensitive login information.

A new ClickFix campaign is targeting users with fake Google Meet conference errors, luring them to download infostealing malware on both Windows and macOS systems. The campaign impersonates technical issues and prompts victims to run malicious PowerShell code, infecting devices with malware like Stealc, Rhadamanthys, and AMOS Stealer.

New variants of the TrickMo banking trojan can now capture Android unlock patterns and PINs, allowing attackers to access locked devices. By using a deceptive user interface that mimics the actual unlock screen, TrickMo tricks victims into revealing sensitive information. This malware can also steal one-time passwords (OTPs) and execute unauthorized transactions across various applications, reflecting a 29% increase in mobile attacks, particularly targeting users in India.

A new phishing campaign targeting the insurance and finance sectors uses GitHub, Telegram bots, and ASCII QR codes to deliver malware and evade security measures. The attack leverages GitHub links and trusted repositories to distribute Remcos RAT, with the payload delivered via phishing emails. Additional techniques such as blob URLs and QR code-based phishing add complexity to detection, while Telegram bots facilitate scams on platforms like Booking.com and Airbnb.

Cyber fraudsters have devised a new tactic by misusing the 1930 toll-free helpline number, intended for reporting cybercrimes, to deceive unsuspecting individuals. In a recent case reported in Hyderabad, a complainant was duped of ₹29.55 lakh after being coerced into joining a fraudulent video call by criminals posing as law enforcement officials.

In September, there was an unprecedented surge in ransomware activity, which came after a period of reduced activity in August,

ExelaStealer, a brand-new information thief, has joined an already crowded field of commercial malware meant to steal sensitive information from

The recent news of hackers using OTP APIs for SMS bombing and 44 Indian APIs being exposed is a matter

Since April 2023, a brand-new information-stealing malware known as “Mystic Stealer” has been advertised on hacking forums and darknet markets,

The MOVEit data theft attacks have caused the Clop ransomware gang to start extorting businesses, first posting the names of