Watch out - hackers are using AI to make phishing emails even more convincing

We’ve all heard of Gen AI being used to craft bodies of convincing phishing emails, however Microsoft researchers have now discovered a campaign in which threat actors took AI use in phishing a step ...
The Hacker News

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

"Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious ...

Microsoft blocks phishing scam which used AI-generated code to trick users

Defenders apply AI to detect and respond to threats at scale, while attackers experiment with it to craft phishing lures, generate obfuscated code, and disguise malicious payloads. Microsoft Threat ...
Security Boulevard

Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools

Microsoft used AI-based tools in Defender for Office 365 to detect and block a phishing campaign in which Security Copilot determined the malicious code was likely written by a LLM, marking the latest ...
Cyber Defense Magazine

AsyncRAT Malware Campaign Found Targeting South American Hotels

A new AsyncRAT malware campaign from threat actor TA558 is targeting the South American hospitality industry, demanding the attention of travelers and cybersecurity professionals. The campaign employs ...
DataBreachToday

Hackers Obfuscated Malware With Verbose AI Code

Hackers behind a phishing campaign appear to have used artificial intelligence-generated code to hide malware behind a wall of overly complex and useless code, said Microsoft. The computing giant said ...
Infosecurity Magazine

AI-Generated Code Used in Phishing Campaign Blocked by Microsoft

Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs ...
Infosecurity Magazine

npm Package Uses QR Code Steganography to Steal Credentials

A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a QR code as part of its obfuscation strategy, ultimately aiming to steal ...
WeLiveSecurity

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception

ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.
Security Boulevard

Technical Analysis of Zloader Updates

IntroductionZloader (a.k.a. Terdot, DELoader, or Silent Night) is a Zeus-based modular trojan that emerged in 2015. Zloader was originally designed to facilitate banking, but has since been repurposed ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

The campaign, per Proofpoint, mainly focused on individuals who specialized in international trade, economic policy, and U.S.-China relations, sending them emails spoofing the U.S.-China Business ...