Hackers exploit calendar invites to hijack accounts using CalPhishing
The CalPhishing campaign, active since early 2026, begins with an email appearing to be an urgent administrative alert.
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
367 articles found
The CalPhishing campaign, active since early 2026, begins with an email appearing to be an urgent administrative alert.
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap ...
Gamaredon Uses GammaDrop and GammaLoad Downloaders in Multi-Stage Phishing Attacks. A sustained cyber-espionage campaign linked to the Gamaredon threat group...
A sophisticated Russian-language threat cluster known as Paper Werewolf (also tracked as GOFFEE) has launched a fresh wave of targeted cyberattacks against R...
Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack...
Operation Ramz, a cybercrime initiative coordinated by INTERPOL across the MENA region, focused on disrupting phishing campaigns, malware activity, and cyber...
McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or r...
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [.
Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.
The latest FrostyNeighbor campaign begins with a spear-phishing email containing a PDF attachment disguised as an official communication from Ukrtelecom, a m...
Written by: Austin Larsen, Tyler McLellan, Genevieve Stark, Dan Ebreo Introduction Google Threat Intelligence Group (GTIG) has continued to track an expansiv...
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the thre...
Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishin...
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond trad...
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber...
The company's latest offerings focus on campaign-level responses rather than individual email analysis. Vision 3.
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active s...
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code...
Cofense has announced new advancements to its Phishing Defense Platform aimed at improving detection and response to AI-powered phishing attacks. The updates...