2FA phishing
-
Fake IT support calls on Microsoft Teams push EtherRAT malware
Threat actors are using Microsoft Teams voice calls to impersonate IT support and push EtherRAT malware, according to a Unit 42 technical analysis. The campaign combines phishing emails, remote-access tools and a Node.js loader.
-
Fake Netflix, Coca-Cola and FIFA job scams target marketing workers
A phishing campaign has impersonated Netflix, Coca-Cola, Adidas and FIFA to target marketing professionals for at least five months, using fake interview requests and built-in Google login pop-ups to steal accounts.
-
Mirage2FA phishing kit uses HTML smuggling to target Microsoft 365 users
Fortra identified Mirage2FA, a phishing kit that uses HTML smuggling and obfuscated JavaScript to mimic Microsoft 365 sign-in pages and steal credentials during MFA prompts in an email campaign tied to cheacker[.]store.
-
Microsoft flags photo ZIP phishing campaign targeting hotels in Europe and Asia
Microsoft said a phishing campaign has targeted hotels and other hospitality organizations in Europe and Asia since April 2026, using photo-themed ZIP files to install a Node.js implant and gain access to front-desk machines.
-
Xsolis says phishing attack exposed data of 1.4 million people
Xsolis said a January phishing attack exposed sensitive data tied to nearly 1.4 million people, including Social Security numbers and medical treatment information. The company is notifying affected individuals and offering identity monitoring.
-
INTERPOL warns of surge in phishing, ransomware and scam centers across Asia and the South Pacific
INTERPOL says cybercrime has surged across Asia and the South Pacific, driven by phishing, ransomware and AI-enabled scams. The report cites more than 135,000 ransomware attacks in 2024 and rising losses from organized fraud networks.
-
Texas agency says license vendor breach exposed data on 3 million people
Texas Parks and Wildlife said a breach at its license system vendor exposed personal data tied to more than 3 million hunting and fishing license customers, including driver’s license details, passport numbers and contact information.
-
North Korean hackers shift phishing campaign to GitHub repositories, researchers say
North Korean linked hackers used recruitment-themed phishing emails and malicious GitHub repositories to target nearly 100 organizations, researchers said. The campaign aimed to steal developer credentials and cryptocurrency wallet data across Windows, macOS and Linux.
-
Sniper Dz campaign used fake Facebook offers to target MENA users
Researchers said a fraud campaign targeted users in the Middle East and North Africa with fake Facebook offers, redirecting them through layered websites and browser tricks to push phishing, premium SMS, call scams and investment fraud.









