Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

本文旨在系统性地研究基于深度学习的电信级反垃圾与反钓鱼防护机制。文章将首先分析当前短信诈骗的技术特征与演化趋势，随后构建一个包含数据预处理、特征工程、模型训练及实时推理的完整技术架构。重点探讨如何利用自然语言处理技术提取短信文本的深层语义特征，以及如 ...

" data-display-label="0" data-show-count="1" data-bookmark-label="Save" data-bookmarked-label="Saved" data-loggedin="0" data-type="post" data-object_id="361637" class="cbxwpbkmarktrig ...

Instagram虚假登录页面钓鱼活动的泛滥，标志着网络犯罪已进入一个利用人性弱点与协议漏洞相结合的新阶段。攻击者通过精心编织的社会工程学陷阱和先进的实时代理技术，成功突破了传统密码与双重验证构成的防线，实现了对用户数字身份的完全接管。这不仅导致了直 ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.

Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.

" data-display-label="0" data-show-count="1" data-bookmark-label="Save" data-bookmarked-label="Saved" data-loggedin="0" data-type="post" data-object_id="361633" class="cbxwpbkmarktrig ...

It’s hard to believe that something nefarious can lie within a QR code, but it can. QR codes have become a convenience of modern life. Just scan the black and white mosaic with your phone’s camera and ...

AI is helping cybercriminals to rapidly assemble malware with flat-pack efficiency. It’s almost like buying a sofa from Ikea, ...

Source Code Exfiltration in Google Antigravity‍TL;DR: We explored a known issue in Google Antigravity where attackers can silently exfiltrate proprietary source codeBy hiding malicious instructions ...