Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Updated on June 19, 2025

Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims’ emails.
Details of the highly targeted campaign were disclosed by Google Threat Intelligence Group (GTIG) and the Citizen Lab, stating the activity…

Read the rest of the story at Read More

Source: The Hacker News

August 8, 2024 Uncategorized

New Phishing Scam Uses Google Drawings a...

December 13, 2024 Uncategorized

390,000+ WordPress Credentials Stolen vi...

August 30, 2024 Uncategorized

Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Related posts

New Phishing Scam Uses Google Drawings a...

390,000+ WordPress Credentials Stolen vi...

New Cyberattack Targets Chinese-Speaking...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do