You are here: hunt.io

| Source | Summary |
| --- | --- |
| cocomelonc.github.io | [AI summary] The text describes a sophisticated phishing campaign using multiple exfiltration methods and professional social engineering tactics. It highlights the use of legitimate services like Telegram API and Firebase for malicious purposes, demonstrating advanced evasion techniques. The text also discusses the use of tLab Anti-APT for analyzing and detecting such attacks through automated methods like OCR, email fuzzing, and correlation analysis. |
| blog.polyswarm.io | CastleLoader, a versatile malware loader, has infected 469 devices since May 2025, leveraging Cloudflare-themed ClickFix phishing and fake GitHub repositories to deliver information stealers and RATs. |
| blog.talosintelligence.com | Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan. The decoy email and fake PDF filenames are designed to impersonate a company's legal department, attempting to lure the victim into downloading and executing malware. This campaign abuses Google's |
| thehackernews.com | A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors. |