Phishing

At least 10 countries in Asia-Pacific region hit by FataRAT phishing campaign.

The rise in mobile phishing should cause a review of hybrid and remote work arrangements.

Hackread reports Microsoft, Gmail, Yahoo, and other authentication services' login credentials are being targeted by the newly emergent Astaroth phishing kit, which leverages an evilginx-style reverse proxy enabling man-in-the-middle attacks while evading two-factor authentication.

Individuals traveling to Singapore, Malaysia, and the UK have been subjected to a novel phishing campaign exploiting online arrival card submissions in a bid to exfiltrate personal details, SiliconAngle reports.

Bogus Microsoft ADFS login pages leveraged for widespread credential theft.

Microsoft unveils scareware blocker for Edge browser.

There are huge implications for MSPs as phishing attacks and GenAI security risks increase, Netskope found.