In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the US, and the UK.
The popularity of the platform meant that at the time of the takedown, it boasted more than 2,000 criminal users, who had used it to deploy over 40,000 fraudulent sites leading to hundreds of thousands of victims worldwide. The platform offered a number of key benefits to its criminal clientele, including: The ability to obtain two-factor authentication (2FA) codes by proxying the connection to the phished organization using Adversary-in-the-Middle (AitM) techniques.
Read more…
Source: Trend Micro
Related:
- Cybercrook claims to be selling infrastructure info about three major US utilities
January 2, 2026
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power. The price is 6.5 bitcoin, which amounts to about $585,000. Based in ...
- Business continuity isn’t keeping pace with cyber threats, warns Sedgwick CISO
January 2, 2026
Business continuity plans are lagging behind the speed and complexity of modern cyberattacks, according to Eric Schmitt (pictured), chief information security officer at Sedgwick. “In most cases, it is not,” Schmitt said, when asked whether current business continuity frameworks are adapting to today’s cyber threat environment. He drew a sharp line between business continuity and disaster ...
- Cognizant hit with multiple US class-action lawsuits after TriZetto data breach
January 2, 2026
Cognizant Technology Solutions is facing a wave of class-action lawsuits in the United States after a long-running data breach at its healthcare claims processing unit, TriZetto Provider Solutions (TPS), triggered legal challenges from affected individuals. According to court filings, at least three lawsuits were filed late last month in federal courts in New Jersey and Missouri, ...
- U.S. DOJ: Two Americans Plead Guilty to Targeting Multiple U.S. Victims Using ALPHV BlackCat Ransomware
December 30, 2025
Yesterday, a federal district court in the Southern District of Florida accepted the guilty pleas of two men to conspiring to obstruct, delay or affect commerce through extortion in connection with ransomware attacks occurring in 2023. “These defendants used their sophisticated cybersecurity training and experience to commit ransomware attacks — the very type of crime ...
- CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data
December 29, 2025
On December 19, 2025, MongoDB Inc. disclosed a critical new vulnerability, CVE-2025-14847, which has since been dubbed MongoBleed. This vulnerability is a high-severity unauthenticated memory leak affecting MongoDB, one of the world’s most popular document-oriented databases. While initially identified as a data exposure flaw, the severity is underscored by the fact that it allows attackers ...
- Malware in 2025 spread far beyond Windows PCs
December 29, 2025
If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows alone. We’ve seen some major developments, especially in campaigns targeting Android and macOS. Unfortunately, many people still don’t realize that protecting smartphones, tablets, and other connected devices is just as essential as securing their laptops. Banking Trojans ...