Scammers have a new tactic: impersonating DOGE

The campaign targeted over 1,800 email addresses and more than 350 organizations, including colleges, universities, transit entities, and government bodies. The attackers aim to steal PII.

helpnetsecurity
Threat Intel & Info Sharing

July 5, 2025

NTLM relay attacks are back from the dead

NTLM relay attacks can compromise domain-joined hosts without requiring password cracking. These attacks can reach Tier Zero assets, significantly increasing the risk and potential damage.

July 4, 2025

Taiwan Flags Chinese Apps Over Data Security Violations

Taiwan’s National Security Bureau (NSB) has issued a public warning following random inspections of five Chinese-developed mobile applications—TikTok, WeChat, Weibo, Baidu Cloud, and rednote—widely used by Taiwanese citizens.

gbhackers
Threat Intel & Info Sharing

July 4, 2025

Researchers Defeat Content Security Policy Protections via HTML Injection

Security researchers have demonstrated a method to bypass nonce-based Content Security Policy (CSP) protections using HTML injection, CSS-based nonce leakage, and browser cache manipulation.

therecord
Threat Intel & Info Sharing

July 3, 2025

China-linked hackers spoof big-name brand websites to steal shoppers' payment info

A sophisticated phishing campaign, likely operated by China-based cybercriminals, is targeting global online shoppers through thousands of fraudulent retail websites impersonating major brands.

cofense
Threat Intel & Info Sharing

June 30, 2025

CapCut Con: Apple Phishing & Card-Stealing Refund Ruse

Threat actors are leveraging the popularity of CapCut, a widely used video editing app, to execute a sophisticated phishing campaign aimed at stealing Apple ID credentials and credit card information.

malwarebytes
Threat Intel & Info Sharing

June 28, 2025

Fake DocuSign email hides tricky phishing attempt

A sophisticated phishing campaign has been observed leveraging legitimate services such as DocuSign, Webflow, and Google to deceive users and conduct system reconnaissance.

arcticwolf
Threat Intel & Info Sharing

June 27, 2025

GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

Threat actor UAC-0226 is leveraging the evolving GIFTEDCROOK malware in an espionage campaign. Initially a browser credential stealer, GIFTEDCROOK has transformed into a robust surveillance tool targeting Ukrainian government and military entities.

bleepingcomputer
Threat Intel & Info Sharing

June 26, 2025

Microsoft 365 'Direct Send' abused to send phishing as internal users

A phishing campaign is actively exploiting Microsoft 365's "Direct Send" feature to send spoofed internal emails and steal user credentials. Direct Send, which allows unauthenticated email sending via a tenant's smart host, is a known security risk.

gbhackers
Threat Intel & Info Sharing

June 26, 2025

MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs

A significant surge in scanning and exploitation activity has been observed targeting Progress Software’s MOVEit Transfer platform. Over 682 unique IP addresses have been identified in scanning operations.