Analyst207Apr 15

n8n Workflow Automation Platform Exploited to Deliver Malware via Phishing Emails

Imagine a tool designed to streamline your work being turned against you - that's what happened when threat actors exploited the popular n8n workflow automation platform to deliver malware via phishing emails, starting as early as October 2025. This clever tactic uses trusted infrastructure to…

https://osintsights.com/n8n-workflow-automation-platform-exploited-to-deliver-malware-via-phishing-email?utm_source=mastodon&utm_medium=social

#WorkflowAutomationPlatform #PhishingEmails #Malware #EmergingThreats #AiWorkflowAutomation

n8n Workflow Automation Platform Exploited to Deliver Malware via Phishing Emails

Learn how threat actors exploit n8n workflow automation for malware delivery via phishing emails and protect your organization from this emerging threat now.

OSINTSights
eqtvJan 13

Tips from Nadiyno.org: how to recognise dangerous attachments in emails and protect yourself

https://peertube.eqver.se/w/iWZ4NyZS9zpXwiqUZNat2S

Nadyino_qa_1_004_en

PeerTube
Rene RobichaudJul 21, 2025

Beware of npm Phishing Emails Targeting Developer Credentials
https://gbhackers.com/beware-of-npm-phishing-emails/

#Infosec #Security #Cybersecurity #CeptBiro #npm #PhishingEmails #DeveloperCredentials

Beware of npm Phishing Emails Targeting Developer Credentials

An developer recently came across a highly advanced phishing email that spoofs the [email protected] address in order.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Rene RobichaudJun 27, 2025

Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users
https://gbhackers.com/exploitation-of-microsoft-365-direct-send-to-deliver-phishing-emails/

#Infosec #Security #Cybersecurity #CeptBiro #Exploitation #Microsoft365 #PhishingEmails

Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users

A phishing campaign targeting over 70 organizations, predominantly in the US, has been uncovered by Varonis’ MDDR Forensics team.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform
ITF Tech LtdMar 11, 2025

Most cyber attacks start with an email where criminals pretend to be someone you know.

If you don’t want to fall victim (and trust me, you don’t), you and your team need to know how to spot them.

Here’s how…

#PhishingEmails #CyberCrime #DataSecurity

ITF Tech LtdOct 15, 2024

Phishing emails pretending to be from Microsoft trick you into sharing information or clicking harmful links. Train your team to spot fake emails and use multi-factor authentication to keep your business protected

#PhishingEmails #CyberSecurity
https://www.techrepublic.com/article/spoof-microsoft-notifications-2024/

Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns

Check Point documented 5,000 spam emails coming from legitimate-looking domains as fake Microsoft application alerts. Real links complete the trap.

TechRepublic
ITF Tech LtdOct 7, 2024

Scammers are using the typo “rnicrosoft” instead of “microsoft” to trick you into handing over passwords or financial details. Always double-check email addresses, and train your team to spot phishing scams

#Microsoft #CyberSecurity #PhishingEmails https://windowsreport.com/microsoft-scammers-are-now-using-the-rnicrosoft-typo-to-hack-accounts/

Scammers are now using the rnicrosoft typo to hack Microsoft accounts

rnicrosoft is the latest hacking trend that it's not only in your face, but also very effective, and simple. Pay close attention!

Windows Report
Glowing Cat of the Nuclear Wastelands ☣Jul 4, 2024
Okay. Stupid question for anyone who can answer:

Is there anything I can do about #PhishingEmails other than just block them/mark as spam? Like, Thunderbird correctly flags these emails as junk mail, and since this is one of my emails on one of my domains, I can go into my hosting control panel and block the email address and/or domain it comes from... but the last time I notified my hosting provider, they were just like "That looks like phishing! Don't click that!" even though I literally told them I knew that's what it was, and I wanted to let them know because the phisher was attempting to convince me they were my host.

Like, is it worth plugging these domains into a whois look up and see who the registrar is and report abuse to them or...?

ALLi Blog (unofficial)Jun 22, 2024
How to Spot and Avoid Phishing Emails: Indie Author Guidance https://selfpublishingadvice.org/spot-and-avoid-phishing-emails-indie-author-guidance/ #authorwatchdog #phishingemails #ALLiWatchdog #authorscams #Watchdog #scams
How to Spot and Avoid Phishing Emails: Indie Author Guidance

Following our recent #AskALLi advice post on indie author scams, we're following up with detailed guidance for spotting phishing emails.

The Self-Publishing Advice Center
Geekmaster 👽Jul 24, 2023

Spent a few hours updating my #IOC collection on my #GitHub repositories. Added a long list of IOCs from #DocuSign #PhishingEmails here: https://github.com/Geekmaster-General/IOCs/blob/main/DocuSign%20IOCs

Also added a new section called "Phishing Email IOCs" which you can find here: https://github.com/Geekmaster-General/IOCs/blob/main/Phishing%20Email%20IOCs

This covers the infamous "Password Reset", "Microsoft Teams File", "Storage if Full", "Messages on Hold", and "SharePoint Document" phishing emails we all see from time to time.

#cyberdefense #cybersecurity #securitymanagement

IOCs/DocuSign IOCs at main · Geekmaster-General/IOCs

Storage for the IOCs I collect. Contribute to Geekmaster-General/IOCs development by creating an account on GitHub.

GitHub