eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Cross-site scripting (XSS) attacks have become one of the ...

A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and ...

A new email “phishing” scam uses a tiny program to modify computers so that they covertly redirect a victim’s web browser to a bogus banking site. Opening one of the new phishing messages will trigger ...

Stolen crypto data sell on the dark web for $105. The data is collected from phishing attacks and is added to a complex supply chain of cybercrime.

Threat researchers investigating phishing attacks encountered a less common technique in spear-phishing aimed at a senior executive at a top American company. The code behind the phishing page made ...

Showcasing a previously unseen cyberattack technique, threat actors are using Amazon Web Services Simple Notification Service (AWS SNS) and a custom bulk-messaging spam script called SNS Sender to ...

According to SurfControl's Advanced Threat Intelligence (ATI) division, these pre-packaged kits include ready-made graphics, programming code and sample content used to generate emails capable of ...

Researchers at Symantec have discovered another Phishing campaign using Google Drive, one that mirrors a similar attack form two months ago. The technical aspects are so familiar, that Symantec’s team ...

Phishing involves attempts to obtain user names, passwords and other personal details by luring unsuspecting Web users into click on links to sites that are designed only to collect this information.