Phishing
20 articles
Hackers Use The Quarry PhaaS Ecosystem to Target U.S. Victims With IRS Phishing
A single developer-known online as RockyBelling has assembled a highly modular PhaaS/MaaS ecosystem that affiliates worldwide use to launch highly targeted I...
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterpris...
Conan O'Brien stars in new cybersecurity training series
The 15-part video series, created in collaboration with Team Coco, addresses AI-driven threats such as phishing, impersonation, voice cloning, and deepfakes.
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way.
Webinar: How behavioral AI stops phishing and account takeovers
Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operational strain for security teams. This webi...
PhishLumos: Exposing phishing campaigns that evade detection by hiding content
Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and autho...
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses.
EvilTokens: A phishing attack that doesn’t steal your password
A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages
Belarus-linked hackers target Gmail accounts of Polish public figures and their families
Poland has warned that Ghostwriter, the Belarus-linked hacker group, has expanded its phishing operations to target personal Gmail accounts belonging to seni...
New Agentjacking Attack Hijacks AI Coding Agents to Execute Malicious Code
A newly disclosed Agentjacking attack class can silently weaponize AI coding agents against the very developers who rely on them, requiring no phishing, no s...
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking v...
Cybercriminals are moving away from mass phishing campaigns
Phishing activity declined by roughly 20% in both 2024 and 2025, according to research from Zscaler’s ThreatLabz team. The drop followed years of growth that...
Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes
Proxmox Mail Gateway 9.1 adds updated system components, changes to the spam quarantine interface, and encryption for backups.
Interpol Dismantles SniperDz Phishing-as-a-Service Platform
New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation
Aged-domain acquisition: The tradecraft phishing operators are using to bypass your mail filter’s reputation score
I’ve spent the past two years working on incident response and threat intelligence, and the pattern I’m about to describe is one I keep seeing show up in cas...
Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks
Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyb...
The 5 Best Practices for Secure Identity Verification
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down fiv...
NSO Group Hacking WhatsApp Despite Court Order
WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
Autonomous AI agents duped into leaking sensitive data in phishing test
AI agents given access to corporate email and business applications could become a new phishing target for attackers, according to cybersecurity researchers,...