New Microsoft O365 Phishing Attack Uses AES & Malicious npm Packages to Steal Login Credentials

A sophisticated phishing campaign targeting Microsoft Office 365 users has emerged, combining several advanced techniques to evade detection and harvest credentials. The attack, identified in early April 2025, leverages encrypted HTML files, content delivery networks (CDNs), and malicious npm packages in a multi-stage approach that cybersecurity experts describe as unusually complex for typical phishing operations….

Read More

Mphasis Launches Cyber Fusion Center in Bangalore to Boost Global Cybersecurity Capabilities

Mumbai , December 4, 2024: Mphasis, (BSE: 526299; NSE: MPHASIS), an Information Technology (IT) solutions provider specializing in cloud and cognitive services, today announced the inauguration of its new Cyber Fusion Center in Bangalore, India. This cutting-edge facility is designed to offer 24×7 advanced threat detection, incident response, and continuous threat monitoring for global clients across industries, helping organizations navigate the…

Read More

Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks

The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it’s effective at locking up files and sucking up memory capacity.   A ransomware strain coined “ShadowRoot” has been found targeting Turkish businesses through phishing attacks. The phishing emails contain a PDF attachment disguised as an invoice with embedded…

Read More