Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

April 16, 2026
No Comments

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors.
Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

Leave a Reply Cancel reply

Security trends today: AI escalation, identity exposure, and the operationalization of Zero Trust April 16, 2026
Security conversations are no longer centered on whether attacks will increase; instead, they are focused on evolving threats, how convincingly threat actors impersonate trust, and how prepared organizations are to detect what they have never seen before. Because cybercriminals use the same technologies enterprises are racing to adopt, AI is not just reshaping business workflows. […]
Joseph Campbell
OpenAI expands cybersecurity program with GPT-5.4-Cyber model April 16, 2026
OpenAI will be expanding its cybersecurity efforts by increasing the number of verified defenders served by its Trusted Access for Cyber (TAC) program into the thousands, with hundreds more security teams to follow. This move aims to address the challenge of defenders and attackers increasingly using AI, accelerating the pace and complexity of cyber threats. At the […]
Kirsten Doyle
When PUPs bite: Huntress uncovers “weaponised” adware exposing 25,000+ systems April 16, 2026
Cybersecurity provider Huntress has identified a major security threat. What appeared to be an unassuming potentially unwanted program (PUP) has transformed into a threat that can disable antivirus systems and put thousands of endpoints at risk. As mentioned in a recent blog, the cyberattack involves the signing of an application via Dragon Boss Solutions, which researchers term adware. The software uses […]
Kirsten Doyle
Why the cybersecurity skills gap is partly self-inflicted April 7, 2026
The cybersecurity skills gap is usually framed as a hiring problem. Organizations respond by expanding recruitment pipelines, investing in certifications, and launching internal training programs. The logic seems simple: if security teams are understaffed, the solution is to add more talent. There is some truth to that. Skilled cybersecurity professionals are indeed scarce globally. The […]
Apu Pavithran
The quiet revolt: what the world happiness report 2026 tells security professionals April 7, 2026
Something the World Happiness Report 2026 reveals deserves more attention than it has received outside wellbeing circles. In Western Europe and English-speaking countries, young people who use social media for more than seven hours a day report significantly lower wellbeing than those who use it for under an hour. The most damaging platforms are not […]
Anastasios Arampatzis
Telehealth company Hims & Hers discloses data breach April 7, 2026
Hims & Hers, a telehealth company, has disclosed a data breach involving its third-party customer support ticketing system after hackers gained access between 4 and 7 February 2026. In a letter to customers, it warned of a data security incident that might have exposed their personal information. On 5 February, the company said it became aware of suspicious activity affecting its third-party customer service platform. “We […]
Kirsten Doyle
The European Commission confirms attack on its Europa web platform April 2, 2026
The European Commission has confirmed a cyberattack affecting its Europa.eu web platform, with initial reports indicating that the attackers accessed the data from the cloud infrastructure provided by AWS. The incident was detected on 24 March, with the commission stating that the attack was contained while the investigation is still underway. Actors affiliated with the ShinyHunters group have claimed responsibility, stating that they accessed over 350 gigabytes […]
Kirsten Doyle
Enterprise AI security: weighing the benefits and risks in 2026 April 2, 2026
The integration of artificial intelligence into core business systems, better known as enterprise AI, is moving fast, along with the threats around it. Security teams are confronting AI-powered cyberattacks, tightening global regulations, and facing a growing expectation that cyber defenses must operate at the same speed as threat actors. At the same time, organizations are […]
Cynthia Overby
LiteLLM supply chain attack exposes millions to credential theft March 30, 2026
Researchers at Endor Labs, have discovered a supply chain attack on the popular Python package LiteLLM on PyPI, with malicious code injected into versions 1.82.7 and 1.82.8, which have been withdrawn. The package is used in AI environments and developer tools, with an estimated 95 million downloads per month. The malicious packages included credential-stealing malware, including a .pth file that can […]
Kirsten Doyle
Making stolen data worthless: why security must start with the data March 30, 2026
Organisations have spent years investing heavily in cybersecurity solutions. Firewalls have been strengthened, identity systems refined, and monitoring tools deployed across increasingly complex environments. Yet despite this, data breaches continue to expose vast amounts of sensitive information, often with severe financial, operational, and reputational consequences. The uncomfortable truth is that the industry has long been […]
Simon Pamplin

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

Leave a Reply Cancel reply

[email protected]

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

Share :

Leave a Reply Cancel reply