A fraud campaign exploiting Indonesia's Coretax tax platform has resulted in financial losses of $1.5m to $2m. The operation identified 228 new malware samples and 996 phishing URLs, targeting a potential pool of 67 million Indonesian taxpayers.

Hackers are exploiting fake Social Security Administration (SSA) emails to hijack PCs by abusing the ScreenConnect tool. This attack does not rely on new viruses but rather on hijacking existing tools and weakening system defenses.

The "AgreeToSteal" attack marks the first known instance of a malicious Microsoft Outlook add-in in the wild, exploiting the abandoned "AgreeTo" add-in to steal over 4,000 Microsoft credentials.

The phishing campaign began in December 2025, initially targeting 504 organizations primarily in the financial services and consulting sectors as part of a testing phase.

A sophisticated phishing campaign is targeting business users by exploiting clean emails, PDF attachments, and cloud storage to steal Dropbox credentials. This attack uses trusted services to bypass security filters and get sensitive information.

A recent phishing scam has been identified, exploiting a legitimate Microsoft email address to deliver scam emails. This advisory provides details on the scam's operation and its implications.

The emergence of custom voice-phishing kits on dark web forums has significantly enhanced the ability of cybercriminals to conduct social engineering scams. These kits are being used to target Google, Microsoft, and Okta accounts.

A sophisticated phishing scam is leveraging PayPal's legitimate invoice system to deceive users by sending verified invoices with fake support numbers. This scam bypasses traditional email security filters, posing a significant threat to users.

The Nomani investment scam has surged by 62%, utilizing AI deepfake ads on social media platforms to deceive users. This alert provides an overview of the scam's tactics, improvements in AI-generated content, and the broader implications of ad fraud.

The Chinese-speaking crypto scam markets on Telegram, specifically Tudou Guarantee and Xinbi Guarantee, have become the largest darknet markets in history. These markets facilitate nearly $2 billion in monthly transactions.