Artificial intelligence has revolutionized web development, empowering even novice users to create professional-looking websites. Tools like Lovable enable anyone to build and host applications with little to no coding knowledge, while Netlify and Vercel position themselves as AI-native development platforms.
However, cybercriminals are increasingly exploiting these services to create and host fake captcha challenge websites, which serve as entry points for phishing campaigns. Since January, Trend Micro has observed a rise in fake captcha pages hosted on such platforms. These scams pose a dual threat: misleading users while evading automated security systems.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New macOS malware chain could cause a major security headache
November 26, 2025
North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned. Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and ...
- Multiple London councils hit by ‘cyber attack’
November 26, 2025
Several London councils have been hit by a “cyber attack” which could have compromised residents’ data. Kensington and Chelsea, Hammersmith and Fulham, and Westminster City councils said they have been responding to a “cyber security issue” since Monday morning. The councils, which share a number of IT systems, added they are working with the “help of ...
- FBI: Account Takeover Fraud via Impersonation of Financial Institution Support
November 25, 2025
The FBI warns of cyber criminals impersonating financial institutions to steal money or information in Account Takeover (ATO) fraud schemes. The cyber criminals target individuals, businesses, and organizations of varied sizes and across sectors. In ATO fraud, cyber criminals gain unauthorized access to the targeted online financial institution, payroll, or health savings account, with the ...
- The Dual-Use Dilemma of AI: Malicious LLMs
November 25, 2025
A fundamental challenge with large language models (LLMs) in a security context is that their greatest strengths as defensive tools are precisely what enable their offensive power. This issue is known as the dual-use dilemma, a concept typically applied to technologies like nuclear physics or biotechnology, but now also central to AI. Any tool powerful enough ...
- US banks scramble to assess data theft after hackers breach financial tech firm
November 24, 2025
Several U.S. banking giants and mortgage lenders are reportedly scrambling to assess how much of their customers’ data was stolen during a cyberattack on a New York financial technology company earlier this month. SitusAMC, which provides technology for over a thousand commercial and real estate financiers, confirmed in a statement over the weekend that it had ...
- From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars
November 24, 2025
Ransomware has evolved from simple digital extortion into a structured, profit-driven criminal enterprise. Over time, it has led to the development of a complex ecosystem where stolen data is not only leveraged for ransom, but also sold to the highest bidder. This trend first gained traction in 2020 when the Pinchy Spider group, better known as ...