'Haozi' Gang Sells Turnkey Phishing Tools to Amateurs

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.

May 29, 2025 Signup

Daily Edition

Today’s news and insights for cybersecurity professionals

- Today's News and Features -

TOP STORY

'Haozi' Gang Sells Turnkey Phishing Tools to Amateurs‎‎ The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.‎‎ Keep Reading →

Hundreds of Web Apps Have Full Access to Microsoft OneDrive Files‎‎‎‎ Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions.‎‎‎‎

Cellcom Restores Regional Mobile Services After Cyberattack‎‎‎‎ Customers in parts of Wisconsin and Michigan could not make calls or send text messages for nearly a week after an incident on May 14, and service is still intermittent in some areas.‎‎‎‎

Have Your Say: Dark Reading Seeks Your Input‎‎‎‎ Dark Reading is offering its readers the opportunity to tell us how we're doing via a new survey.‎‎‎‎

THE EDGE

CISA Issues SOAR, SIEM Implementation Guidance‎ The Cybersecurity and Infrastructure Security Agency (CISA) and Australian Cyber Security Centre (ACSC) recommend that organizations conduct thorough testing and manage costs, which can be hefty, before implementing the platforms.‎

DR TECHNOLOGY

Certified Randomness Uses Quantum Cryptography to Make Stronger Keys‎ Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption.‎

PODCAST

Dark Reading Confidential: The Day I Found an APT Group in the Most Unlikely PlaceEpisode 6: In our latest podcast, threat hunters Ismael Valenzuela and Vitor Ventura share stories about the tricks they used to track down advanced persistent threat groups, and the surprises they discovered along the way.

SPONSORED ARTICLE

It's Time to Rethink Your Security for the AI Era‎‎‎‎ Hackers are scouring day and night for vulnerabilities like VPNs and public-facing IPs to exploit — and AI is only making their lives easier.‎‎‎‎

Read More →

- Commentary -

Opinions from thought leaders around the cybersecurity industry

Why Take9 Won't Improve Cybersecurity‎‎‎‎ The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and ignores the real problems of system design.‎‎‎‎

Implementing Secure by Design Principles for AI‎‎‎‎ Harnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward.‎‎‎‎

More Commentary →

- Upcoming Events -

May 29, 2025 Detecting Zero Days on the Edge

Jun 19, 2025 DevSecOps Achievement Unlocked

Jun 26, 2025 Strategic Security for the Modern Enterprise

More Events →

- More Resources -

WHITE PAPER Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025

WHITE PAPER The State of Workforce Security: Key Insights for IT and Security Leaders

WHITE PAPER SMB Cyber Survival Guide

REPORT Building Blocks for Next-Gen Security Operations

More Resources →

- Elsewhere in Cyber Today -

CHECKMARX

PyPI Supply Chain Attack Uncovered: Colorama and Colorizr Name Confusion

LINEAJE

Software Supply Chain Security Survey: RSAC 2025 Attendees Report Gap Between Confidence and Readiness

IOT WORLD TODAY

Breakthrough in Quantum Security for High-Speed Data Networks: Q&A

- Do You Find Today’s Newsletter Helpful? -

Yes Not sure No

You received this message because you are subscribed to Dark Reading's Daily newsletter. If a friend forwarded you this message, sign up here to get it in your inbox. Thoughts about this newsletter? Give us feedback.

Advertise With Us | Privacy Policy | Unsubscribe Copyright © 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US