An invitation to sign a DocuSign document went through mysterious ways and a way-too-easy Captcha to fingerprint the target.
Tag: CAPTCHA
Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
We found that cybercriminals are preparing for the impending holiday season with a redirect campaign leading to AsyncRAT.
A week in security (March 24 – March 30)
A list of topics we covered in the week of March 24 to March 30 of 2025
Fake CAPTCHA websites hijack your clipboard to install information stealers
An increasing number of websites use a clipboard hijacker and instruct victims on how to infect their own machine.
PetSmart warns customers of credential stuffing attack
Pet retail company PetSmart has emailed customers to alert them to a recent attack that used reused passwords.
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
A security researcher has disclosed how he chained together multiple bugs in order to take over Facebook accounts that were linked to…
Fake reCAPTCHA forms dupe users via compromised WordPress sites
Researchers at Sucuriinvestigated a number of WordPress websites complaining about unwanted redirects and found websites that use fake CAPTCHA forms to…
Microsoft warns about phishing campaign using open redirects
The Microsoft 365 Defender Threat Intelligence Team posted an article stating that they have been tracking a widespread credential phishing campaign…
Drive-by cryptomining campaign targets millions of Android users
Malvertising and online fraud through forced redirects and Trojanized apps—to cite the two most common examples—are increasingly plaguing Android users. In many…