Daniel Kelley

SlashNext

The Next Evolution in Black-Hat AI A new player has entered the cybercrime AI landscape – Xanthorox AI, a malicious tool that brands itself as the “Killer of WormGPT and all EvilGPT variants.”  First spotted in late Q1 2025, Xanthorox began circulating in cybercrime communities across darknet forums and encrypted ... Read More

The Next Evolution in Black-Hat AI A new player has entered the cybercrime AI landscape – Xanthorox AI, a malicious tool that brands itself as the “Killer of WormGPT and all EvilGPT variants.”  First spotted in late Q1 2025, Xanthorox began circulating in cybercrime communities across darknet forums and encrypted ... Read More

Phishing attacks have moved beyond simply sending emails with malicious links to incorporate more modern social engineering techniques, including the alarming trend of mixing in smishing (SMS phishing) and vishing (voice phishing). These techniques are a growing threat beyond email security and enhance cybercriminals’ capabilities to achieve their objectives using ... Read More

Phishing attacks have moved beyond simply sending emails with malicious links to incorporate more modern social engineering techniques, including the alarming trend of mixing in smishing (SMS phishing) and vishing (voice phishing). These techniques are a growing threat beyond email security and enhance cybercriminals’ capabilities to achieve their objectives using ... Read More

Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that bypasses two-factor authentication (2FA) through session hijacking and real-time credential interception. Astaroth utilizes an evilginx-style reverse proxy to ... Read More

Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks in late January 2025, Astaroth is a brand new phishing kit that bypasses two-factor authentication (2FA) through session hijacking and real-time credential interception. Astaroth utilizes an evilginx-style reverse proxy to ... Read More

Employees in most organizations receive countless communications daily—emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions are phishing scams designed to exploit trust and compromise security. Imagine an employee receiving a text that appears to be from their bank: “Suspicious activity detected on your account. Click ... Read More

Employees in most organizations receive countless communications daily—emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions are phishing scams designed to exploit trust and compromise security. Imagine an employee receiving a text that appears to be from their bank: “Suspicious activity detected on your account. Click ... Read More

One morning, you decide to make a purchase from a seemingly reputable online store. The website displays a familiar checkout interface resembling Stripe’s payment process. You enter your payment details, feeling confident in the website’s legitimacy: Credit card number  Expiration date  CVV  Billing address You even enter a one-time password ... Read More

One morning, you decide to make a purchase from a seemingly reputable online store. The website displays a familiar checkout interface resembling Stripe’s payment process. You enter your payment details, feeling confident in the website’s legitimacy: Credit card number  Expiration date  CVV  Billing address You even enter a one-time password ... Read More