Cyber Hygiene in Action – My Personal Response to a Fraud Attempt
It was the evening of October 5th, 2025—pleasant, quiet, and just the way I like it. I was unwinding with a warm cup of coffee, letting the day settle, when…
The CoinLurker Campaign: A Comprehensive Outlook
The CoinLurker campaign is a highly sophisticated cyber attack that leverages fake software update prompts to deploy malware. This campaign is characterized by its advanced obfuscation techniques and anti-analysis methods,…
Numerous Chrome extensions under siege
In December 2024, a sophisticated cyberattack compromised at least 16 Chrome browser extensions, exposing over 600,000 users to potential data theft. This attack demonstrated the ever-evolving threat landscape and the…
EchoSpoofing bug in Proofpoint enabled phishing campaign
Security researchers have discovered an exploit that allowed threat actors to override Proofpoint email protections and sends millions of spoofed emails aimed at stealing funds and credit card details. Proofpoint's…
PhatomBlu Phishing Campaign
Threat actors are luring employees across organizations in the US with a phishing campaign dubbed “PhantomBlu,” which is masquerading as a message from an accounting service. A significant evolution in…
Phishing Campaign Abuses QR Codes
Researchers have spotted a phishing campaign that combines QR codes, expired Bing URL redirect links, and spoofed Microsoft security email targetted a large U.S. energy company in a test run…
Zimbra Users targeted by Phishing Campaign
Researchers have come up with a warning about a mass phishing campaign actively targeting Zimbra account user credentials. The ongoing campaign is targeting a variety of small and medium businesses…
Salesforce Domain Used in the Phishing Campaign
Researchers have discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. The vulnerability allowed threat actors to craft targeted phishing emails, evading…