2FA phishing
-
ChatGPhish flaw can turn ChatGPT summaries into phishing lures
Researchers disclosed ChatGPhish, a ChatGPT flaw that can render malicious links, images and QR codes inside summaries of web pages. The technique may leak browser details and create a new phishing surface during normal browsing.
-
GREYVIBE campaign targets Ukraine with phishing, fake sites and AI tools
GREYVIBE has targeted Ukraine-linked entities since at least August 2025 using phishing, fake CAPTCHA pages and fraudulent websites, while a WithSecure analysis says the group appears to have used AI tools to speed malware development.
-
Fake LinkedIn emails abuse Adobe service in phishing campaign
A phishing campaign is using fake LinkedIn business emails and Adobe Target to hide credential theft, with attackers disguising HTML attachments as PDFs and redirecting victims to a real LinkedIn page after login.
-
FBI warns of fake FIFA sites ahead of 2026 World Cup
The FBI warned that fake FIFA websites are being used ahead of the 2026 World Cup to steal data, sell bogus tickets and push other scams. Researchers said hundreds of phishing sites and related campaigns are already active.
-
Grandoreiro and BTMOB campaigns target banking users in Europe and Latin America
Researchers say Grandoreiro and BTMOB are being used in separate campaigns against banking users in Europe and Latin America, combining phishing, DLL side-loading and Android social engineering with malware-as-a-service sales.
-
INTERPOL says MENA cybercrime operation leads to 201 arrests
INTERPOL said a five-month crackdown across the Middle East and North Africa led to 201 arrests, 382 additional suspects and 53 server seizures in an operation targeting phishing, malware and online scams.
-
Ghostwriter targets Ukrainian government entities in fresh phishing campaign
Ghostwriter has been tied to new attacks on Ukrainian government entities since March 2026, using malicious PDFs, geofencing checks and a JavaScript version of PicassoLoader to deliver Cobalt Strike, according to an ESET technical analysis.
-
Skoda says customer data stolen in online shop breach
Škoda Auto said attackers breached its online shop, stole customer personal data and accessed login credentials after exploiting a software flaw. The company said payment card details were not stored on the compromised systems.
-
Amazon SES abuse rises in phishing campaigns, Kaspersky says
Kaspersky says Amazon Simple Email Service is being increasingly abused in phishing campaigns that can bypass standard email defenses. The report links the activity to exposed AWS credentials and notes that the messages can evade SPF, DKIM and DMARC checks.
-
Phishing campaign used RMM software to hit more than 80 organizations
A phishing campaign has targeted more than 80 organizations since at least April 2025, using legitimate remote monitoring tools to maintain access after victims opened fake Social Security Administration emails.
