Top 10 Best Social Engineering Testing Companies in 2026
In the fast-evolving digital landscape of 2026, an organization’s most sophisticated technological defenses can be rendered useless by a single click from a ...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
98 articles found
In the fast-evolving digital landscape of 2026, an organization’s most sophisticated technological defenses can be rendered useless by a single click from a ...
Odyssey Stealer is driving a large-scale macOS infostealer campaign that now spans more than 100 countries, with operators systematically hijacking cryptocur...
Criminals who pose as police officers, romantic partners, and business suppliers have built fraud operations that reach across continents. A four-month enfor...
A targeted campaign in which the ToddyCat (aka APT-style) group leverages a previously observed loader family, Umbrij, to hijack Gmail accounts by abusing Go...
A direct message arrives on Reddit from a stranger, and it invites a reply. That reply is the point.
ESET’s H1 2026 threat report shows attackers accelerating the use of familiar playbooks with AI-flavored lures, social engineering, and defense evasion rathe...
A human-operated Mexican banking fraud campaign tracked as REF6045 has been observed using a bespoke PowerShell toolkit SCMBANKER to turn commodity click-fra...
Threat actors are currently exploiting sophisticated ClickFix social engineering campaigns that mimic Google and Cloudflare verification systems to distribut...
Hackers are using compromised websites and a deceptive transcript.pdf.
Threat actors are integrating AI into their exploit chains, accelerating reconnaissance, automating vulnerability discovery, and scaling social engineering i...
Opera has introduced Paste Protect, a security feature designed to block ClickFix-style attacks that trick users into executing malicious commands through so...
A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level...
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an informati...
MacSync Stealer is a newly discovered macOS infostealer actively distributed through a sophisticated malvertising campaign on Google Ads that impersonates An...
ReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS users
Ukraine's SBU described a long-running Russian operation that used fake tech-support workers to persuade people to hand over credentials to their messaging a...
Scammers are increasingly exploiting Shopify’s ecosystem and its Shop order-tracking app to deliver fraudulent invoices directly into users’ purchase histori...
Service desks have become a favored target for attackers seeking password resets, MFA changes, and access to corporate accounts. Specops Software breaks down...
Here’s why the next social engineering wave won’t hit inboxes – it will just simply call employees on the phone.
In the complex digital landscape of 2026, technology alone is no longer enough to protect an organization from cyber threats. The human element, often cited ...