Chinese-language phishing-as-a-service (PhaaS) communities are expanding in an area historically dominated by Russian-speaking cybercriminal groups. The Google Threat Intelligence Group (GTIG) analyzed a dozen active PhaaS offerings operating in Chinese-language underground communities and found mature services, with several likely linked to broader criminal activity in the region. Nearly all legitimate organizations mimicked by these phishing services were non-Chinese entities, suggesting that activity rarely targets China itself. Researchers noted that Telegram serves as a common channel … More →
The post Chinese phishing services grow into a force to be reckoned with appeared first on Help Net Security.
Malicious npm Package ‘dbmux’ Targets Developers
Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised. The GitHub Advisory (GHSA-62wx-5f55-w8g2)
