FBI shares massive list of 42,000 LabHost phishing domains

The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. The published domains were registered between November 2021 and April 2024, the time of its seizure, and are being shared to increase awareness and provide indicators of compromise. …

This Google phishing email is so convincing, even Gmail didn’t flag it

Phishing attacks aren’t new. But every now and then, one shows up that makes you do a double-take. That’s what happened this week when developer Nick Johnson shared a Google phishing email that somehow slipped past Gmail’s usual warnings. The email came from [email protected] and was actually signed by accounts.google.com. In other words, it looked …

Don’t Fall for This New Gmail Phishing Scheme

If you receive an email from Google that appears to be a legitimate security alert, do not proceed. Scammers are taking advantage of vulnerabilities in Google’s authentication protocols to send phishing messages that appear convincing enough to steal unsuspecting users’ account credentials. Here’s how to protect yourself. How this new Google phishing scam works As …

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw tracked as CVE-2025-24054 was fixed in Microsoft’s March 2025 Patch Tuesday. Initially, it was not marked as actively exploited and was assessed as ‘less likely’ to be. However, …

Midnight Blizzard deploys new GrapeLoader malware in embassy phishing

Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. Midnight Blizzard, aka ‘Cozy Bear’ or ‘APT29,’ is a state-sponsored cyberespionage group linked to Russia’s Foreign Intelligence Service (SVR). According to Check Point Research, the new campaign introduces a previously unseen malware loader called ‘GrapeLoader,’ and a …

Tycoon2FA phishing kit targets Microsoft 365 with new tricks

Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. Tycoon2FA was discovered in October 2023 by Sekoia researchers, who later reported significant updates on the phishing kit that increased its sophistication and effectiveness. Trustwave now reports that the Tycoon 2FA …

E-ZPass toll payment texts return in massive phishing wave

An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to …

PoisonSeed phishing campaign behind emails with wallet seed phrases

A large-scale phishing campaign dubbed ‘PoisonSeed’ compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. According to SilentPush, the campaign targets Coinbase and Ledger using compromised accounts at Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho. The researchers link the campaign to recent incidents, such as the case of Troy Hunt’s …

zkLend hacker loses 2,930 ETH to Tornado Cash phishing scam

The zkLend exploiter lost all 2,930 ETH in a phishing scam while trying to launder the stolen money using what they thought was Tornado Cash. According to a Mar. 31 post on X by Consensys-backed De.Fi Antivirus Web3, the attacker mistakenly deposited the stolen funds into a fake Tornado Cash website, resulting in an immediate …

zkLend hacker claims losing stolen ETH to Tornado Cash phishing site

The hacker behind the $9.6 million exploit of the decentralized money-lending protocol zkLend in February claims they’ve just fallen victim to a phishing website impersonating Tornado Cash, resulting in the loss of a significant portion of the stolen funds. In a message sent to zkLend through Etherscan on March 31, the hacker claimed to have …