Water Dybbuk Using Open-Source Toolkits To Carry Out BEC Campaign
The Water Dybbuk threat group targets large companies around the world with a Business Email Compromise (BEC) campaign to steal credentials.
The initial attack vector consists of spear-phishing emails with malicious attachments directing victims to malicious websites.
The operation uses the BadaxxBot toolkit and Evilginx framework along with the JavaScript Obfuscator Tool to carry out the operation.
Featured Resources
blog
Why Threat Exposure Validation is Critical for Cybersecurity in 2025
Introducing the Threat Exposure Validation Impact Report 2025 Cybersecurity needs to evolve — and fast. The threats we face today
blog
Task Scheduler– New Vulnerabilities for schtasks.exe
Introduction The schtasks.exe binary is a core component of the Task Scheduler Service in Windows, enabling users to schedule and
Solution Brief
Detection Engineering
Early Detection is Critical to Stopping Cyber Attacks Threat actors often move across IT networks and cloud environments, evolving tactics