A phishing campaign targeting Italian and U.S. users exploits fake Microsoft OneNote login prompts to steal Office 365 and Outlook credentials. The attackers use trusted platforms and Telegram bots for data exfiltration, complicating detection. Active since January 2022, the campaign employs sophisticated code and has evolved to use Telegram for credential retrieval, posing risks beyond simple theft.
Thousands of Asus routers are being hit with stealthy, persistent backdoors
Security company GreyNoise detected a campaign in mid-March where as many as 9,500 Asus routers were compromised by a threat actor named ViciousTrap. The attackers
