Hackread reports that threat actors have been exploiting Microsoft 365's Direct Send feature, which is originally meant to expedite fax and scan deliveries to email addresses, to facilitate a phishing campaign that involves malicious internal-looking emails.
Hackread reports that malicious actors have begun using malicious Windows shortcut files to distribute the Remcos RAT malware as part of a new attack campaign.
Users of the Python Package Index repository are being targeted by an ongoing phishing scheme redirecting to fraudulent PyPI sites that facilitate credential pilfering activities, The Hacker News reports.
Developed in partnership with Israeli firm Ironscales, the solution integrates seamlessly with Malwarebytes' Nebula platform and OneView console, allowing for unified endpoint and email protection from a single interface.
Cybernews reports that high-performance computers, satellite phones, network switches, and other expensive equipment have been stolen through fraudulent orders conducted as part of a sweeping net Request for Quote scam.
Russian-linked threat groups UTA0352 and UTA0355 have been abusing Microsoft 365's OAuth workflows to compromise non-profit organizations' Microsoft accounts as part of targeted phishing intrusions, according to Infosecurity Magazine.
Utilities, business-to-business service providers, and software-as-a-service vendors have been increasingly targeted with redirect intrusions involving the concealment of malicious JavaScript code within Scalable Vector Graphics image files, Hackread reports.
