MITRE ATT&CK Mapping

Infosecurity Magazine Phishing Feb 19

Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA

A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn research...

T1566

Infosecurity Magazine →

Infosecurity Magazine Campaigns Feb 16

Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft

New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo

T1566 T1078

Infosecurity Magazine →

Kaspersky Securelist Phishing Feb 11

Spam and phishing in 2025

The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lu...

T1566

Kaspersky Securelist →

Infosecurity Magazine Ransomware Microsoft Feb 10

Phorpiex Phishing Delivers Low-Noise Global Group Ransomware

High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files

T1566

Infosecurity Magazine →

Infosecurity Magazine Phishing Feb 4

AI Drives Doubling of Phishing Attacks in a Year

Cofense claims AI is making phishing emails more personalized and sophisticated

T1566

Infosecurity Magazine →

Infosecurity Magazine Campaigns Feb 3

New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials

Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF

T1566

Infosecurity Magazine →

Mandiant Blog TTPs Jan 30

Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft

Introduction Mandiant has identified an expansion in threat activity that uses tactics, techniques, and procedures (TTPs) consistent with prior ShinyHunters-...

T1566 T1041

Mandiant Blog →

Mandiant Blog Phishing Jan 30

Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS

Introduction Mandiant is tracking a significant expansion and escalation in the operations of threat clusters associated with ShinyHunters-branded extortion.

T1566 T1041

Mandiant Blog →

Infosecurity Magazine Phishing Okta Jan 26

Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials

T1566

Infosecurity Magazine →

Infosecurity Magazine Campaigns Jan 22

LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords

Phoney email alerts suggest users need to backup their LastPass accounts within 24 hours.

T1566

Infosecurity Magazine →

Infosecurity Magazine Phishing Jan 21

Phishing and Spoofed Sites Remain Primary Entry Points For Olympics

Cyber risks for the Milano-Cortina 2026 Winter Games include phishing and spoofed websites as key threat vectors

T1566

Infosecurity Magazine →

Infosecurity Magazine Campaigns Jan 21

Peruvian Loan Scam Harvests Cards and PINs via Fake Applications

Loan phishing operation in Peru is stealing card info by impersonating financial institutions

T1566

Infosecurity Magazine →

Infosecurity Magazine Campaigns Jan 20

LinkedIn Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs

Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages

T1566

Infosecurity Magazine →

Recorded Future TTPs Dec 17

BlueDelta’s Persistent Campaign Against UKR.NET

Discover how Russia’s BlueDelta targets UKR.NET users with advanced credential-harvesting campaigns, evolving tradecraft, and multi-stage phishing techniques.

T1566 1 IOC

Recorded Future →

WeLiveSecurity Phishing Dec 4

Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture

Identity is effectively the new network boundary. It must be protected at all costs.

T1566

WeLiveSecurity →

WeLiveSecurity Phishing Oct 13

AI-aided malvertising: Exploiting a chatbot to spread scams

Cybercriminals have tricked X’s AI chatbot into promoting phishing scams in a technique that has been nicknamed “Grokking”. Here’s what to know about it.

T1566 T1189

WeLiveSecurity →

WeLiveSecurity Zero-Day Aug 11

WinRAR zero-day exploited in espionage attacks against high-value targets

The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds

T1566

WeLiveSecurity →

Threatpost Campaigns Aug 29

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

T1566

Threatpost →