A significant security oversight was uncovered when researchers found an unsecured 16TB MongoDB database that exposed approximately 4.3 billion professional records. This database primarily contained LinkedIn-style data, which could be exploited for large-scale AI-driven social engineering attacks. The discovery was made by Bob Diachenko and nexos.ai on November 23, 2025, and the database was secured only after the researchers alerted its owner. This incident underscores the risks associated with unsecured databases, as the exposed data could facilitate identity theft and phishing schemes targeting professionals. Organizations need to ensure better security measures for their data to prevent such breaches in the future.
Articles tagged "Phishing"
Found 180 articles
Hackread – Cybersecurity News, Data Breaches, AI, and More
The UK's Information Commissioner's Office (ICO) has imposed a £1.2 million fine on LastPass following a significant data breach in 2022 that compromised the personal information of 1.6 million users. The breach was traced back to a vulnerability in an employee's personal computer, which allowed attackers to access sensitive data. This incident raises serious concerns about the security practices of password management services, especially considering the potential for misuse of the exposed information. Users of LastPass are now at increased risk of phishing attacks and identity theft. The fine serves as a reminder for companies to enhance their cybersecurity measures and protect user data more effectively.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Researchers at Zimperium zLabs have discovered a new Android malware called DroidLock, which behaves like ransomware. This malicious software can lock users out of their devices and steal sensitive information by tricking them into providing their credentials through phishing tactics. Additionally, DroidLock has the capability to stream users' screens and activate their front cameras through VNC, raising serious privacy concerns. This malware primarily targets Android users, making it essential for them to remain vigilant about their device security and be cautious of suspicious links or applications. The emergence of DroidLock emphasizes the ongoing risks associated with mobile malware and the need for users to adopt strong security practices.
Hackread – Cybersecurity News, Data Breaches, AI, and More
A recent phishing campaign has targeted around 6,000 companies, sending over 40,000 fraudulent emails that appeared to come from trusted services like SharePoint and DocuSign. These emails contained malicious links disguised by reputable redirect services, making it easier for scammers to trick recipients into clicking. The scale and speed of this attack raise concerns about the vulnerability of businesses to such tactics, which exploit the trust users place in well-known platforms. Companies need to be vigilant, as these phishing attempts can lead to data breaches or financial loss if employees fall for the scams. Ensuring proper training and awareness around phishing tactics is crucial for organizations to protect themselves.
BleepingComputer
A new phishing kit named Spiderman is targeting customers of various European banks and cryptocurrency users by creating nearly identical fake websites that impersonate legitimate brands and organizations. This sophisticated kit allows attackers to mimic the look and feel of real banking sites, making it difficult for users to identify them as fraudulent. Affected users may enter sensitive information, such as login credentials or financial details, which could lead to identity theft or financial loss. The rise of such phishing attacks is concerning as they exploit the trust users have in established financial institutions. Awareness and caution are crucial for users to protect themselves from these deceptive schemes.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Varonis threat analysts have identified a new phishing kit named Spiderman that specifically targets European banks and cryptocurrency customers. This kit automates the process of stealing users' credentials and personal information, creating a complete identity profile of the victim. The implications of this attack are significant, as it not only compromises individual accounts but can also lead to broader financial fraud and identity theft. Banks and crypto platforms should be on high alert and enhance their security measures to protect against this sophisticated threat. Users must also remain vigilant and be cautious about sharing their information online.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A phishing campaign utilizing the Evilginx kit has targeted 18 US universities, successfully bypassing Multi-Factor Authentication (MFA) to steal credentials over a period from April to November 2025. The severity of the threat highlights the vulnerabilities in MFA systems and the need for enhanced security measures in educational institutions.
The Hacker News
The article highlights various cybersecurity threats, including a significant exploit in the DeFi space that resulted in the theft of $9 million. It emphasizes the ongoing battle between hackers and security measures across multiple platforms, including Wi-Fi and coding tools.
Infosecurity Magazine
A new wave of spear-phishing attacks has been identified and attributed to the Russia-based hacking group Star Blizzard. The campaign poses significant risks to organizations and particularly targets the French NGO Reporters Without Borders, highlighting the ongoing cybersecurity challenges faced by non-profits and media organizations.
Infosecurity Magazine
BitSight research highlights a significant cybersecurity threat where threat actors exploit calendar subscriptions to deliver phishing links and malware via hijacked domains. This method poses a serious risk as it can lead to social engineering attacks, potentially compromising sensitive information and systems.
Infosecurity Magazine
The article discusses a new phishing campaign targeting Zendesk users, attributed to the Scattered Lapsus$ Hunters collective. This campaign involves the use of newly registered phishing domains, indicating a serious threat to users of the Zendesk platform.
The Hacker News
The FBI has reported a significant increase in account takeover (ATO) fraud, with cybercriminals impersonating financial institutions to steal money and sensitive information. This issue poses a serious threat to individuals and organizations across various sectors, leading to losses exceeding $262 million.
Recent research indicates that advanced phishing attacks are effectively circumventing traditional security measures employed by enterprises. This highlights a significant concern for organizations, as these tactics remain effective despite the implementation of sophisticated security systems.
A new campaign is using fake Windows update pop-ups on adult websites to trick users into executing malicious commands. This method combines ClickFix lures with phishing tactics, posing a significant risk to users who visit these sites.
A phone phishing attack has compromised a system at Harvard University, leading to the theft of sensitive information related to alumni, donors, students, and staff. This incident highlights the severity of social engineering attacks and their potential to affect a wide range of individuals associated with the institution.