PoisonSeed Campaign Targets Crypto Users Through Compromised CRM Systems
A sophisticated cybercrime operation dubbed PoisonSeed is exploiting compromised CRM accounts to launch cryptocurrency seed phrase poisoning attacks. The campaign uses phishing tactics to gain access to marketing systems and sends malicious recovery phrases that allow attackers to drain victims' digital wallets.
Singapore Mandates Banks and Telcos Share Responsibility for Phishing Scam Prevention
Singapore introduces a pioneering Shared Responsibility Framework requiring banks and telecom companies to implement strict anti-phishing measures or face financial liability. The framework establishes a 'waterfall' accountability system and mandates specific security protocols including cooling-off periods and real-time monitoring.
DeepSeek AI Phishing Campaign Targets Crypto Wallets and User Data
Multiple fraudulent websites impersonating DeepSeek have emerged following the Chinese AI company's recent model release, putting users' sensitive data and cryptocurrency at risk. Security researchers identified at least 16 active phishing sites using sophisticated evasion tactics and malicious packages to steal credentials and distribute malware.
Cybercriminals Target Organizations with Sophisticated ADFS Phishing Scheme
Security researchers have uncovered a sophisticated phishing campaign targeting organizations using Microsoft ADFS, with attackers creating convincing fake login portals to steal credentials and bypass MFA. The scam has affected over 150 organizations across education, healthcare, government and technology sectors, primarily in the US, Canada, Australia and Europe.
International Operation Takes Down Pakistan-Based 'The Manipulaters' Cybercrime Group
Law enforcement agencies from the US and Netherlands disrupted a major cybercrime operation, seizing dozens of servers linked to spam and malware distribution. The Pakistan-based group marketed 'undetectable' phishing tools targeting major platforms while operating through a legitimate-appearing web company.
PayPal Users Targeted by Sophisticated Phishing Scam Using Legitimate URLs
A newly discovered phishing campaign exploits PayPal's legitimate infrastructure to hijack user accounts by leveraging real URLs and Microsoft 365 test domains. The sophisticated attack can bypass standard security checks and PayPal's own phishing detection systems.