[HackerNews] Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information.
The tech giant’s Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

Source: Read More (The Hacker News)

You might be interested in …

[TheRecord] FBI warns of credential stuffing attacks against grocery and food delivery services

The FBI says that hackers are using credential stuffing attacks to hijack online accounts at grocery stores, restaurants, and food delivery services in order to drain user funds through fraudulent orders and to steal personal or financial data. The warning comes via an FBI Private Industry Notification the agency’s Cyber Division sent last week to […]

Read More

[HackerNews] High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites

All posts, HackerNews

Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. “This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site’s administrator into performing […]

Read More

[TheRecord] Twitch says no user passwords or cards numbers were exposed in major hack

In the aftermath of a major security breach that came to light yesterday, Twitch has now issued a formal statement to assure users that no passwords or payment card numbers were stolen or leaked online. “At this time, we have no indication that login credentials have been exposed,” the company said in a blog post today. “Additionally, full credit […]

Read More