Water Dybbuk Using Open-Source Toolkits To Carry Out BEC Campaign
The Water Dybbuk threat group targets large companies around the world with a Business Email Compromise (BEC) campaign to steal credentials.
The initial attack vector consists of spear-phishing emails with malicious attachments directing victims to malicious websites.
The operation uses the BadaxxBot toolkit and Evilginx framework along with the JavaScript Obfuscator Tool to carry out the operation.
Featured Resources
blog
Protect Your Network from Unauthorized Access: 6 Security Controls Every CISO Needs in 2025
Unauthorized access to corporate networks is one of the most critical cybersecurity risks facing organizations. Knowing how to prevent unauthorized
blog
Cymulate IS the Evolution to Adversarial Exposure Validation
The 2025 Gartner® Market Guide for Adversarial Exposure Validation1 helps security and risk management leaders understand the key use cases
blog
Cloud Security Automation: Key Practices for Success
In 2025, global spending on cloud services is projected to increase by 21.5% compared to 2024, reaching an estimated $723.4