Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors.
Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

Source

What's Hot

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

Children and chatbots: What parents should know

The hidden risks of browser extensions – and how to avoid them

Is it time for internet services to adopt identity verification?

Subscribe to Updates

What's Hot

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

Related Posts

Subscribe to Updates