Critical NPM Package Compromise: How a Simple Phishing Attack Infected Millions of Downloads

Summary: A sophisticated phishing campaign recently succeeded in compromising several widely-used npm packages, demonstrating how social engineering can bypass traditional security measures. The attackers cleverly used stolen credentials to inject malware directly into trusted npm packages without ever touching the corresponding GitHub repositories, making detection significantly more challenging. This incident serves as a stark reminder that even the most popular and trusted packages in our dependency chains can become vectors for malicious code distribution. ...

2025-Jul-24 · 6 min

An Innovative Email Verification Technique for Spam

I use a burner (temporary) email to fill in at random websites for my testing. Still, I have taken care not to use this email address at unreliable websites. Somehow, someone got hold of this email address. Now, how can that person check that my address is still valid and active? They need to check this to send me spam/phishing emails and get a better ROI. Here’s the technique they used, and I was impressed. Generally I don’t entertain my Spam folder and hence haven’t seen many such mails. The mail says — ...

2020-Jul-08 · 3 min

Phishtank - the conventional tank of phishes

Phishtank is a project by the OpenDNS community. OpenDNS is a company that provides services for safe and fast browsing of the Internet, while Phishtank is a community where anyone can share or check phishing data. Phishtank is not a technology to filter phishing/spam or to protect against phishing attacks, but a platform to submit, verify, check or share phishing details, so it serves as a repository of phishing data. How to support Phishtank? You can support Phishtank in either of these ways: ...

2013-Sep-19 · 2 min