MEDIUMPhishing
Global

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)

·Source: SANS ISC

Updated:

Executive Summary

This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It&#x27s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].

Analysis

This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It&#x27s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].
Source Attribution

Originally published by SANS ISC on Jul 1, 2026.

Related Threats

CRITICALPhishing

Schneider Electric EasyLogic T150 and Saitel DP RTU

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-181-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities can allow an attacker to cause unauthorized access and exposure of sensitive information when the unauthenticated attacker accesses credentials stored within firmware or system files.</

CVE-2026-9650CVE-2026-9651
CISA Advisories
CRITICALPhishing

OFFIS DCMTK Toolkit

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsma-26-181-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash affected DCMTK client or server processes.</strong></p> <p>The following versions of O

CVE-2026-50003CVE-2026-50254
CISA Advisories
CRITICALPhishing

Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-181-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a denial-of-service condition in the affected product, or execute arbitrary code when a

CVE-2025-53816CVE-2025-53817
CISA Advisories