By hiding malicious instructions on an attacker-controlled Web page, AI could ingest orders that appear benign but return sensitive data to the attacker’s server.
Since January 2026, CERT-UA has been tracking a series of intrusions attributed to UAC-0252 and built around SHADOWSNIFF and SALATSTEALER infostealers. The campaigns rely on well-crafted phishing lures, payload staging on legitimate infrastructure, and user-driven execution of disguised EXE files. Detect UAC-0252 Attacks Covered in CERT-UA#Adresse geschuetzt Q2 2025 research by […] The post UAC-0252 […]
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year. […]
Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse the credibility of trusted institutions and familiar digital services to increase victim interaction. In late March 2026, CERT-UA revealed a phishing campaign tracked as UAC-0255 in which attackers impersonated the agency and attempted to infect organizations across Ukraine’s […]
Automatisierung nimmt zu, aber Exzellenz bleibt knapp. Was wir als Inhaber einer IT-Firma aus über 2.000 Bewerbungen gelernt haben. Ein Erfahrungsbericht von Rene Koch (Recruiting, Wirtschaft)
Threat intelligence teams have tracked Silver Fox (also known as Void Arachne), a China-based intrusion set that sits at the intersection of financially motivated cybercrime and APT-style espionage. O
Ein Forscherteam hat vor zwei Jahren eine Phishing-Technik entdeckt, die einen geschickten Passwortklau ermöglicht. Lösen will das Problem offenbar keiner. (Phishing, Firefox)
Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages. […]