Today > | 1 Medium vulnerabilities - You can now download lists of IOCs here!
3 attack reports | 0 vulnerabilities
As the holiday season approaches, threat actors are exploiting people's desires for deals, jobs, and end-of-year bonuses. Researchers have observed an increase in themed content delivering malware, fraud, and credential phishing campaigns. Examples include a 'Winter Holiday Promotion' campaign deli…
Since June 2024, the Iran-nexus actor CHARMING KITTEN has been creating new network infrastructure for credential phishing, targeting individuals perceived as threats to the Iranian regime. The actor's infrastructure, known as Cluster B, uses domains with specific characteristics like similar TLDs,…
Since August 2024, an India-linked threat actor has been targeting entities in China and South Asia using credential phishing pages that mimic legitimate webmail login portals. The campaign primarily focuses on government and defense sectors. The phishing domains share common characteristics, inclu…