Google Threat Intelligence Group reported a novel phishing campaign attributed to a suspected Russian espionage actor, UNC5837, targeting European government and military organizations. Attackers used signed .rdp files to establish Remote Desktop Protocol connections, enabling them to access victim systems and potentially exfiltrate sensitive information, highlighting the risks associated with lesser-known RDP functionalities.

MokN Baits are advanced defensive phishing pages designed to lure attackers into revealing compromised credentials. By filtering out noise and providing tailored threat intelligence, MokN helps organizations effectively monitor and respond to real threats targeting their systems, enhancing security beyond traditional methods like dark web monitoring and MFA.

An analysis of over 2.6 million AI-related posts from underground sources reveals how threat actors are leveraging AI technologies for malicious purposes. The research highlights 100,000 tracked illicit sources and identifies five distinct use cases, including multilingual phishing and deepfake impersonation tools. This comprehensive insight offers unmatched visibility into adversaries' strategies and innovations in AI exploitation.

Silent smishing exploits vulnerable cellular router APIs to conduct phishing attacks via SMS, allowing attackers to access sensitive information without authentication. The article discusses various attack methods, including the impersonation of legitimate organizations, and emphasizes the need for vigilance against such threats.