Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery

Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery

First seen 28 Nov 2025, 16:37 UTC ScworldInfosecurity-MagazineEsecurityplanet 84% similarity 37.6

Article Content

Browse articles
ThreatCluster

Threat actors are manipulating digital calendar subscription services to deliver phishing and malware content. This exploitation affects users of synced calendars, including platforms like Google Calendar and iCalendar, which can inadvertently distribute malicious links through event notifications. The attack leverages abandoned domains that were previously used for legitimate calendar subscriptions.

ThreatCluster AI

Community

Browse all →