ATHR, advertised for $4,000 plus a 10% commission, streamlines the entire telephone-oriented attack delivery (TOAD) process, according to Abnormal researchers.
These phishing emails often state that a user's storage limit has been exceeded or their account is blocked, threatening the permanent erasure of photos and videos by a specific date.
Attackers are leveraging n8n's webhook functionality, which exposes unique URLs on the *.app.n8n.cloud subdomain, to initiate workflows when triggered by incoming data.
As part of the Pushpaganda ad fraud campaign, attackers have used search engine optimization poisoning and AI-generated content to inject deceptive news stories into the Google Discover feeds of Android and Google Chrome users, facilitating scareware deployment and financial scams, The Hacker News reports.
The fraudulent app, available on Apple's App Store under the publisher name "Leva Heal Limited," tricked users into entering their seed phrases, granting attackers full control of their digital wallets.
RDP files, commonly used in enterprise environments for remote access, have been increasingly abused by threat actors, including the Russian state-sponsored APT29 group.