Water Dybbuk Using Open-Source Toolkits To Carry Out BEC Campaign
The Water Dybbuk threat group targets large companies around the world with a Business Email Compromise (BEC) campaign to steal credentials.
The initial attack vector consists of spear-phishing emails with malicious attachments directing victims to malicious websites.
The operation uses the BadaxxBot toolkit and Evilginx framework along with the JavaScript Obfuscator Tool to carry out the operation.
Featured Resources
blog
Cymulate IS the Evolution to Adversarial Exposure Validation
The 2025 Gartner® Market Guide for Adversarial Exposure Validation1 helps security and risk management leaders understand the key use cases
blog
Cloud Security Automation: Key Practices for Success
In 2025, global spending on cloud services is projected to increase by 21.5% compared to 2024, reaching an estimated $723.4
blog
The Future of Cloud Security: 7 Key Trends in 2025
There’s no sign of businesses slowing down their cloud adoption and the reasons are clear. Cloud security offers great agility