New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of targeting Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024.

Hackers Use Google Search Ads to Steal Google Ads Accounts

The attackers are running ads on Google Search impersonating Google Ads, showing as sponsored results that redirect potential victims to fake login pages hosted on Google Sites but looking like the official Google Ads homepage.

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

The new evidence suggests that Pyongyang-based threat groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with The Hacker News.

Phishing Trend Exploiting YouTube URLs Through Microsoft Office 365 Expiry Themes

Researchers at Cyderes warned of a recent wave of phishing campaigns leveraging cleverly disguised URLs and Microsoft 365 password expiry lures to trick users into divulging sensitive credentials.

Phishing Texts Trick Apple iMessage Users Into Disabling Protection

Apple iMessage automatically disables links in messages from unknown senders for protection. However, if users reply to these messages or save the sender's contact information, the links get re-enabled, which can be abused by scammers.

New Web3 attack exploits transaction simulations to steal crypto

The attack, spotted by ScamSniffer, highlights a flaw in transaction simulation mechanisms used in modern Web3 wallets, meant to safeguard users from fraudulent and malicious transactions.

Phishing Scam Targets Job Seekers with XMRig Cryptominer

CrowdStrike researchers warned of a phishing campaign that exploits the company's own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of a supposed recruitment process.

“Butcher Shop” Phishing Campaign Targets Legal, Government and Construction Firms

Obsidian uncovered a new phishing campaign targeting Microsoft 365 accounts. The campaign uses a mix of email redirects and open redirect vulnerabilities, which makes it hard for traditional phishing solutions to detect and block.

Fake Government Officials Use Remote Access Tools for Card Fraud

Researchers at Group-IB uncovered a sophisticated, multi-stage fraud campaign designed to trick consumers into sharing their card details. The fraudsters purchase logins to government accounts, originally obtained via infostealers, from the dark web.

Scammers Exploit Microsoft 365 to Target PayPal Users

Fortinet researchers identified a new phishing technique exploiting PayPal’s money request feature, using a legitimate PayPal money request that may appear genuine to recipients.
