
Daily Cybersecurity Roundup, October 27, 2025

Cybercriminals are launching attacks from all angles this week, turning legitimate tools against users and deploying malicious infrastructure at an alarming rate. Hackers are now using RedTiger, a Python-based penetration testing suite, to build malware that steals everything from Discord data and payment details to cryptocurrency wallets. Simultaneously, a new phishing attack called CoPhish is exploiting Microsoft Copilot Studio agents, tricking users into giving up OAuth tokens. This comes as the Smishing Triad has been tied to over 194,000 malicious domains since January 2024 to power its massive global smishing campaigns. Read on for more.

01

Hackers are using RedTiger, a Python-based penetration testing suite, to create malware that steals Discord account data, payment details, browser credentials, cryptocurrency wallet files, and game accounts.

02

A new phishing attack called CoPhish exploits Microsoft Copilot Studio agents to steal OAuth tokens by delivering fraudulent consent requests through legitimate Microsoft domains.

03

APT36, a Pakistan-based threat actor group, has been targeting Indian government entities through spear-phishing attacks that deliver a Golang-based malware known as DeskRAT.

04

A new Android malware named Baohuo is rapidly spreading through counterfeit versions of Telegram X. Disguised as a legitimate app, Baohuo connects to remote servers and provides full access to the victim's Telegram messages and contacts.

05

Dell addressed multiple bugs in its Storage Center and Storage Manager software that could allow remote attackers to bypass authentication mechanisms and gain unauthorized access to sensitive management functions.

06

A phishing campaign targeting LastPass users began in mid-October, using fake death claims to gain access to password vaults. The campaign is linked to the financially motivated CryptoChameleon group.

07

Hackers are exploiting outdated WordPress plugins, specifically GutenKit and Hunk Companion, to launch mass attacks that leverage critical vulnerabilities for remote code execution.

08

A China-linked group, Smishing Triad, has been tied to over 194,000 malicious domains since January 2024, targeting global services through smishing campaigns.

09

OpenAI's newly launched Atlas web browser is vulnerable to prompt injection attacks, allowing malicious users to disguise harmful instructions as seemingly harmless URLs.

10

The UN launched the first-ever Convention against Cybercrime, signed by 72 nations, aiming to combat cybercrime and support developing countries.
