VulnHub

Real-time Cybersecurity News

New ATHR vishing platform uses AI voice agents for automated attacks

BleepingComputer
Actively Exploited
Phishing

Overview

A new cybercrime platform named ATHR is making waves by using automated voice phishing, or vishing, attacks that combine AI technology with human social engineering tactics. This platform allows cybercriminals to harvest sensitive credentials from unsuspecting victims through sophisticated voice interactions. By utilizing AI voice agents, attackers can engage targets without needing continuous human involvement. This development poses a significant risk to individuals and organizations, as it makes it easier for scammers to launch large-scale attacks with minimal effort. Users should be especially cautious about unsolicited calls asking for personal information, as these AI-driven tactics can be surprisingly convincing.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Users of various online services and organizations susceptible to vishing attacks
  • Action Required: Users should verify the identity of callers and avoid sharing personal information over the phone.
  • Timeline: Newly disclosed

Original Article Summary

A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase. [...]

Impact

Users of various online services and organizations susceptible to vishing attacks

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should verify the identity of callers and avoid sharing personal information over the phone. Companies should implement employee training on recognizing phishing attempts.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Phishing.

Read Original Article

Related Coverage

Officials seize 53 DDoS-for-hire domains in ongoing crackdown

CyberScoop

In a recent operation dubbed PowerOFF, authorities seized 53 domains linked to DDoS-for-hire services, aiming to disrupt the activities of over 75,000 suspected cybercriminals. These services allow individuals to pay for attacks that overwhelm targeted websites and networks with excessive traffic, causing disruptions and downtime. The crackdown is part of a broader effort to combat cybercrime and reduce the prevalence of these harmful services. Officials have issued warnings to the involved individuals, urging them to cease their activities. This operation highlights ongoing concerns about the accessibility of DDoS attacks and the need for stronger measures to protect online infrastructure.

Apr 16, 2026

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

BleepingComputer

Hackers are taking advantage of a vulnerability in the Marimo reactive Python notebook to distribute a new version of NKAbuse malware, which is being hosted on Hugging Face Spaces. This malware is concerning because it allows attackers to perform various malicious activities on compromised systems. Users of Marimo notebooks, especially those who utilize Hugging Face for hosting their projects, need to be particularly vigilant. The exploitation of this flaw could lead to unauthorized data access and potential breaches. Organizations should prioritize patching this vulnerability and monitoring their systems for any signs of compromise.

Apr 16, 2026

Google to pay $135M settlement to Android phone users - how to claim your share if you qualify

Latest news

Google has agreed to pay $135 million in a settlement related to allegations that it collected data from Android phone users without their consent. The lawsuit claims that the company transmitted users' information over cellular connections even when they believed their data was secure. Affected users can file a claim to receive a portion of the settlement. This case raises important questions about user privacy and data handling practices, as many individuals may not be aware of how their data is being used. If you have an Android phone, it’s worth checking if you qualify to claim your share of this settlement.

Apr 16, 2026

US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea

Infosecurity Magazine

Two Americans have been sentenced to prison for running fake remote worker laptop farms that were part of a scheme to defraud companies on behalf of North Korea. These operations infiltrated over 100 firms, leading to significant financial losses. The scammers created the illusion of legitimate remote work opportunities, which allowed them to siphon money from unsuspecting businesses. This incident raises serious concerns about the extent of cybercrime linked to North Korean operatives and the vulnerabilities of companies to such scams. It serves as a grim reminder for businesses to be vigilant against sophisticated fraud tactics that exploit remote work trends.

Apr 16, 2026

6 steps to harden security programs for the Claude Mythos surge

SCM feed for Latest

The article outlines necessary steps for organizations to strengthen their cybersecurity programs in response to the growing concerns surrounding the Claude Mythos surge. It emphasizes the need for proactive measures, urging teams not to become complacent in the face of potential threats. The focus is on practical actions that can be taken to enhance security posture and resilience against possible attacks. By following these steps, companies can better prepare themselves for the challenges posed by evolving cyber threats. This guidance is particularly relevant for IT and security teams as they assess their current defenses and make necessary adjustments.

Apr 16, 2026

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

The Hacker News

This week saw several notable cybersecurity incidents, including a zero-day vulnerability affecting Microsoft Defender. Attackers are exploiting this flaw to bypass security measures, putting users at risk. Additionally, SonicWall reported a brute-force attack targeting their products, which could compromise user accounts. In another concerning development, a 17-year-old remote code execution (RCE) vulnerability in Microsoft Excel remains a threat, proving that outdated software can still be a significant risk. These incidents emphasize the need for organizations to stay vigilant and ensure their systems are updated and secure.

Apr 16, 2026