Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
June 10, 2026
Microsoft identified Storm-3075 using ChatGPT, Claude, and DeepSeek brands in AiTM phishing that targeted over 2,000 organizations across the US,
Phishing
Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
Microsoft identified Storm-3075 using ChatGPT, Claude, and DeepSeek brands in AiTM phishing that targeted over 2,000 organizations across the US, UK, and India.
Fake Claude Code Installers on Google Sites Steal AI API Keys
An active campaign uses 32 Google Sites pages to distribute credential malware targeting AI API keys, browser logins, and password managers from developers.
Fake Chrome Web Store DMCA Notices Target Extension Developers
Attackers send fake Chrome Web Store DMCA notices using real extension data to steal developer accounts and push malicious updates to millions of users.
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
Scammers have spoofed the PSNI's official switchboard number to impersonate officers and pressure victims into buying gift cards in a vishing campaign.
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
Scammers have spoofed the PSNI's official switchboard number to impersonate officers and pressure victims into buying gift cards in a vishing campaign.
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
LLMShare, discovered by Push Security, abuses ChatGPT's share links on chatgpt.com to host fake outage pages that deliver infostealer malware to Windows and macOS users.
Fake Claude Code Installers on Google Sites Steal AI API Keys
June 4, 2026
An active campaign uses 32 Google Sites pages to distribute credential malware targeting AI API keys, browser logins, and password
Fake Chrome Web Store DMCA Notices Target Extension Developers
June 4, 2026
Attackers send fake Chrome Web Store DMCA notices using real extension data to steal developer accounts and push malicious updates
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
June 2, 2026
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
June 2, 2026
Scammers have spoofed the PSNI’s official switchboard number to impersonate officers and pressure victims into buying gift cards in a
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
June 2, 2026
Scammers have spoofed the PSNI’s official switchboard number to impersonate officers and pressure victims into buying gift cards in a
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
June 2, 2026
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan’s Finance Ministry, deploying Xeno RAT for full system access and exfil.
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
June 1, 2026
LLMShare, discovered by Push Security, abuses ChatGPT’s share links on chatgpt.com to host fake outage pages that deliver infostealer malware
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.