A malicious Python script named SNS Sender is conducting 'smishing' scams impersonating the U.S. Postal Service to collect personal data and payment information.

The threat actor behind this, identified as 'ARDUINO_DAS', is utilizing AWS SNS for SMS spamming in an operation that's been active since July 2022.

The scam is connected to phishing kits with some containing covert backdoors, indicating a higher level of sophistication in the attacks.

A new malware dropper, TicTacToe, has been found spreading various types of malware targeting Windows users.

Ad networks and legitimate platforms, such as Discord, are being exploited by cybercriminals to launch spam campaigns and distribute malware.

These trends showcase the evolving strategies of threat actors, underlining the importance of caution when dealing with unsolicited text message links.