phishing attempts – Experimental News Clipping Site

The Register: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand

Sep 11, 2025

—

by

Source URL: https://www.theregister.com/2025/09/11/voidproxy_phishing_service/ Source: The Register Title: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand Feedly Summary: Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens…

Krebs on Security: 18 Popular Code Packages Hacked, Rigged to Steal Crypto

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/ Source: Krebs on Security Title: 18 Popular Code Packages Hacked, Rigged to Steal Crypto Feedly Summary: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The…

The Register: Stolen OAuth tokens expose Palo Alto customer data

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/02/stolen_oauth_tokens_expose_palo/ Source: The Register Title: Stolen OAuth tokens expose Palo Alto customer data Feedly Summary: Security firm’s Salesforce instance accessed using credentials stolen from Salesloft’s Drift platform breach Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft…

The Register: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials

Aug 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/29/aws_catches_russias_apt29_trying/ Source: The Register Title: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials Feedly Summary: Look who’s visiting the watering hole these days Amazon today said it disrupted an intel-gathering attempt by Russia’s APT29 to trick Microsoft users into unwittingly granting the Kremlin-backed cyberspies access to their accounts and data.… AI Summary…

Simon Willison’s Weblog: Piloting Claude for Chrome

Aug 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/26/piloting-claude-for-chrome/#atom-everything Source: Simon Willison’s Weblog Title: Piloting Claude for Chrome Feedly Summary: Piloting Claude for Chrome Two days ago I said: I strongly expect that the entire concept of an agentic browser extension is fatally flawed and cannot be built safely. Today Anthropic announced their own take on this pattern, implemented as an…

The Register: ‘Limited’ data leak at Aussie telco turns out to be 280K customer details

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/tpg_telecom_iinet_breach/ Source: The Register Title: ‘Limited’ data leak at Aussie telco turns out to be 280K customer details Feedly Summary: iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.… AI Summary and…

Slashdot: Google’s ‘AI Overview’ Pointed Him to a Customer Number. It Was a Scam

Aug 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/08/18/0223228/googles-ai-overview-pointed-him-to-a-customer-number-it-was-a-scam?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google’s ‘AI Overview’ Pointed Him to a Customer Number. It Was a Scam Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a scam where a real estate developer was tricked into providing credit card information to an impersonator posing as a customer service representative for a…

Slashdot: $1M Stolen in ‘Industrial-Scale Crypto Theft’ Using AI-Generated Code

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/08/11/0037258/1m-stolen-in-industrial-scale-crypto-theft-using-ai-generated-code?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: $1M Stolen in ‘Industrial-Scale Crypto Theft’ Using AI-Generated Code Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a sophisticated cybercrime operation, GreedyBear, which utilizes a highly coordinated strategy, weaponizing browser extensions and phishing sites to facilitate industrial-scale crypto theft. The group’s innovative techniques, including the modification…

The Register: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/ Source: The Register Title: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons Feedly Summary: Devs told to exercise ‘extreme caution’ with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.… AI Summary and Description: Yes Summary: Mozilla has issued a…

The Register: Silent Push CEO on cybercrime takedowns: ‘It’s an ongoing cat-and-mouse game’

Aug 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/03/silent_push_ceo_talks_cybercrime/ Source: The Register Title: Silent Push CEO on cybercrime takedowns: ‘It’s an ongoing cat-and-mouse game’ Feedly Summary: Plus: why takedowns aren’t in threat-intel analysts’ best interest interview It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital…

Tag: phishing attempts