Threat Actors Impersonate Microsoft OAuth Apps to Steal Login Credentials

Threat actors are leveraging sophisticated phishing campaigns by creating fake Microsoft OAuth applications to impersonate legitimate enterprises, enabling credential theft while bypassing multifactor authentication (MFA). Proofpoint researchers have tracked this activity since early 2025, identifying over 50 impersonated applications, including…

Threat Actors Exploit Proofpoint and Intermedia Link Wrapping to Conceal Phishing Payloads

Cybercriminals are increasingly exploiting link wrapping features from vendors like Proofpoint and Intermedia to mask malicious payloads, leveraging the inherent trust users place in these security tools. Link wrapping, intended as a protective measure, reroutes URLs through vendor scanning services…

APT36 Hackers Target Indian Railways, Oil, and Government Systems Using Malicious PDF Files

The Pakistan-linked threat group APT36, also known as Transparent Tribe, has broadened its cyber operations beyond traditional military targets to encompass Indian railways, oil and gas infrastructure, and the Ministry of External Affairs. Security researchers have uncovered two sophisticated desktop-based…