惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
N
News and Events Feed by Topic
D
DataBreaches.Net
MongoDB | Blog
MongoDB | Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Engineering at Meta
Engineering at Meta
T
Tailwind CSS Blog
博客园_首页
Microsoft Azure Blog
Microsoft Azure Blog
Y
Y Combinator Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
月光博客
月光博客
A
About on SuperTechFans
I
InfoQ
S
Securelist
Last Week in AI
Last Week in AI
S
Schneier on Security
C
CXSECURITY Database RSS Feed - CXSecurity.com
Hacker News: Ask HN
Hacker News: Ask HN
Schneier on Security
Schneier on Security
Know Your Adversary
Know Your Adversary
腾讯CDC
大猫的无限游戏
大猫的无限游戏
S
Security @ Cisco Blogs
博客园 - 三生石上(FineUI控件)
Simon Willison's Weblog
Simon Willison's Weblog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
Tor Project blog
美团技术团队
aimingoo的专栏
aimingoo的专栏
G
Google Developers Blog
罗磊的独立博客
Vercel News
Vercel News
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Cloudflare Blog
S
Secure Thoughts
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Latest news
Latest news
Recent Announcements
Recent Announcements
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
L
LINUX DO - 热门话题
Security Latest
Security Latest
TaoSecurity Blog
TaoSecurity Blog
Cyberwarzone
Cyberwarzone
有赞技术团队
有赞技术团队

Kaspersky official blog

Key vulnerabilities of Microsoft’s July 2026 Patch Tuesday Meta launched and almost instantly rolled back a feature that trained its AI image generator on Instagram user content. What’s wrong with Meta's NameTag feature and why you should be wary of it Why CAPTCHAs are about to vanish: how AI rewrote the "prove you're human" test The unpatchable backdoor in Yarbo robot mowers Managing the risks of LLM aggregators and AI API proxies Social engineering: how scammers manipulate their victims How today's threat actors break into companies 250,000 misconfigurations in GitHub Actions How hackers use PowerShell scripts to steal Telegram accounts How Hola Browser was weaponized to spread a Monero miner World Cup 2026: watch out for these scams Building an autonomous SOC: core challenges and solutions The FROST attack: how SSD access delays expose users’ activity Taming shadow-AI on corporate devices Hentai games with a nasty twist XChat: what’s wrong with Elon Musk’s new messaging app? Security gateway for autonomous vehicles Is Wi-Fi safe in Mexico? The great messaging heist targeting your wallet Don’t let fake IPTV apps ruin your World Cup Attackers disguising phishing as Google AppSheet notifications Qualcomm vulnerability: phone repairs and car maintenance are no longer safe A lost art finds its way into phishing emails Is your TV box renting out your network? How to turn off unapproved AI tools across organization Subscription security: how to protect your account, your wallet… and your sanity The capabilities of Kaspersky Container Security LLM raiders and how to repel them What happens in the bedroom stays in the bedroom Fake ticket websites exploiting BTS world tour Is your security system secure? Survey-based scams Supply chain attack via Trivy and LiteLLM
Targeted phishing attacks on manufacturing companies
Roman Dedenok · 2026-07-09 · via Kaspersky official blog

Before launching a phishing attack, attackers initiate correspondence with the victim.

Targeted phishing attacks on manufacturing companies

We have identified a new targeted phishing campaign in which cybercriminals attempted to attack manufacturing companies. The attack employed a multi-stage approach — before sending the phishing link directly, the attackers engaged in correspondence with the victim to lower their guard. The email texts were apparently generated using large language models. As of this post’s publication, the attack is still ongoing, so we recommend staying vigilant!

Phishing scheme

The attackers attempt to pose as potential clients. The emails are sent from addresses registered on free email services — these services do not have a known bad reputation, and are often actually used for business correspondence, especially by small companies. Regardless of the victim’s native language (and we’ve seen attacks targeting companies in Russia, the Czech Republic, Malaysia, and Egypt), the attackers’ emails are always written in English.

In the first email, the attackers ask questions about the products being offered, citing actual product names. This indicates thorough preparation for the attacks — the attackers do not send identical emails to manufacturing companies with similar profiles, but rather carefully research publicly available information about each victim online. If someone responds to the first email, the attackers continue the correspondence. Sometimes, before moving directly to their objective — extracting credentials from corporate email accounts — they exchange several messages in which, as a distraction, they clarify certain details or ask additional questions. But more often than not, they send the phishing link as early as the second email.

The attackers send detailed specifications for a product they claim to be interested in, ask if the product can be engraved according to a sketch, or use any other pretext to try to get the victim to open the file they’ve sent.

A chain of emails ending with a phishing link

A chain of emails ending with a phishing link

Phishing website

In reality, there is no file at all. The phishing site that opens when victim clicks the link mimics a popular cloud service for working with PDF documents. The “Download” button leads to a login form where the victim is asked to enter their work email address and password to access the confidential file. Of course, this is “for security purposes.” If an employee of the targeted company doesn’t stop to think about why they would enter their corporate login credentials on a completely unrelated website — one that clearly has no way of verifying their authenticity — then their email address and associated password will be sent to the attackers’ server.

How to stay safe?

Modern phishing attacks are becoming increasingly sophisticated and, thanks to attackers’ use of AI tools, even more convincing. That’s why, first and foremost, we always recommend periodically raising employee security awareness. And to ensure they have to put this knowledge into practice as rarely as possible, it is recommended to deploy a security solution at the email gateway level. Specifically, our Kaspersky Secure Mail Gateway detects this phishing attack even before the attackers move on to the actual phishing attempt.

Why CAPTCHAs are about to vanish: how AI rewrote the

AI beat CAPTCHA. What’s next?

For over a decade, internet users have had to squint at blurry fire hydrants, bridges, and bicycles — until AI came along. What’s next for the CAPTCHA?

Why CAPTCHAs are about to vanish: how AI rewrote the
Tips

AI beat CAPTCHA. What’s next?

For over a decade, internet users have had to squint at blurry fire hydrants, bridges, and bicycles — until AI came along. What’s next for the CAPTCHA?

Cracked in under a minute: (nearly) every other password

We’ve revisited our study on the crackability of real-world passwords leaked on the dark web — originally conducted two years ago. The findings are sobering: nearly every other password can be cracked in under a minute, and three out of five take less than an hour. How can we move away from insecure passwords?