Afghan government offices subjected to phishing campaign

Afghan ministry and administrative office workers have been targeted with malware-spreading phishing emails purporting to be from the office of the country's prime minister as part of the Nomad Leopard campaign, according to The Record, a news site by cybersecurity firm Recorded Future.

The malicious emails carried a decoy document appearing to be financial reporting instructions and enabled the distribution of the FalseCub information-stealing malware from GitHub, a report from Seqrite showed. Further analysis of the GitHub account used by the attacker led researchers to discover multiple administrative and legal files uploaded by the hacker under the "Afghan Khan" moniker across various platforms, including Dailymotion and Pinterest. The "regionally focused threat actor" may launch similar campaigns against other countries.

"The threat actor is not very sophisticated but possesses multiple legal and government-related lure documents, which we believe may be used in future campaigns," said Seqrite researchers.
