File upload logic in GitHub's comments allows hackers to host malware on the service and abuse trusted developers and companies, such as Microsoft, to create legitimate-looking URLs.
Phishing scam RSS
Google's YouTube is sounding the alarm about a recent email phishing scam that uses YouTube email addresses and asks people to click on a link about "changes in YouTube rules and policies."
A social experiment was conducted by a security research firm pitting humans against ChatGPT. This test simulated writing of phishing scam mail and human beings have emerged victorious, for now.
Reddit recently suffered a security breach that allowed cybercriminals to access some of its internal data and systems. The incident was a result of a successful phishing attack against the company.
Friendster, a defunct social media platform popular in the 2000s, was recently seen online again. However, it is not exactly known if the website is legitimate due to a few red flags.
Meta has warned one million Facebook users who may have had their accounts compromised through a fraudulent iOS or Android app. The apps required users to sign in in order for the app to "work."
Microsoft has warned about a phishing campaign called "SEABORGIUM". The threat actors of SEABORGIUM first build up rapport with the targets before duping them to rob their data, like credentials.
_medium.jpg)
Microsoft email users are under attack from a new phishing campaign. The campaign uses the adversary-in-the-middle (AiTM) technique to even bypass multi-factor authentication (MFA) protection.
A bug in Microsoft Outlook is tricking people into believing that phishing emails are from genuine contacts by using the Cyrillic alphabet which has letters similar to those in the Latin alphabet.
Sources have revealed that hackers are using emails that promise fake Game of Thrones spoilers to lure viewers into downloading malware which installs a remote access Trojan on their systems.
A new scam is circulating, targeting folks via a link to a shared Google Docs file. Once clicked, the link brings you to a legitimate sign-in page, and asks for a fake app to access your emails.
As the video service launches in 190 regions worldwide, malware and phishing campaigns are increasingly targeting users' Netflix credentials and banking info, according to a report by Symantec.
A phishing campaign has been discovered by the Comodo Group that is designed to mislead potential WhatsApp users into installing a trojan horse that can allow attackers to steal personal information.
