asyncrat (4)

As AI adoption continues to grow, threat actors have wasted no time exploiting the trend. FortiGuard Labs recently observed a campaign delivering malicious files disguised as AI-related documents, with titles such as "AI-Ready PostgreSQL 18: Building Intelligent Data Systems" and "A Guide for Thinking Marketers in the Age of AI."

Affected Platforms: Microsoft Windows

Impacted Users: Any organization

Impact: Attackers gain control of the infected systems

Severity Level: High

These lures

A phishing malware campaign, known as Shadow Vector, has been reported, targeting users in Colombia through malicious SVG files disguised as urgent court notifications. The campaign uses the MITRE ATT&CK technique known as SVG smuggling, where scalable vector graphics are used to embed or link malicious content. It begins with spear-phishing emails containing SVG attachments, which, when rendered in a browser, redirect victims to download payloads from public platforms like Bitbucket, Dropbox,

HP Wolf Security has published a report that finds that the tactics and techniques being used by cybercriminals are evolving. In contrast, other cybercriminals continue to exploit weaknesses that are simple to exploit. For example, cybercriminals use an advanced WikiLoader campaign to exploit open redirect vulnerabilities within websites to circumvent detection. Users are directed to trustworthy sites, often via fake advertisements, before being redirected to malicious sites. Elsewhere, c

Activity Summary - Week Ending on 24 May 2024:

  • Red Sky identified 6,686 connections from ‘new’ unique IP addresses
  • contabo[.]com in Germany hit 29x
  • 92 ‘new’ Botnet hits
  • Cat-Phishing
  • BITS
  • AsyncRAT
  • Protecting OT Networks
  • UK Army Personnel
  • Red Hat Downsizing

Link to full report: IR-24-145-001_weekly145.pdf