For legal organizations, the integrity of communication isn't just a business requirement, it’s a foundational pillar of the profession. Whether it’s a sensitive case strategy, a ...
Researchers at Google’s Threat Intelligence Group (GTIG) warn that nation-state threat actors have adopted Gemini and other AI tools as essential components of their operations. The ...
Threat actors are using phony meeting invites for Zoom, Microsoft Teams, Google Meet, and other video conferencing applications to trick users into installing remote monitoring and ...
Social engineering remains the most reliable way into an organization—and attackers are getting better at it every day.
Independent research shows that 91% of organizations have experienced outbound email security incidents in their Microsoft 365 environments. Human error is the primary cause of these ...
Social engineering remained the top initial access vector for cyberattacks in 2025, with increasing assistance from AI tools, according to a report from ThreatDown. The researchers warn ...
People accidentally send emails to the wrong recipients every day. The impact of these incidents can be relatively minor if there is no sensitive data included in the email body or ...
AI-driven fraud attacks spiked by more than 1200% in December 2025, according to a new report by Pindrop Security. Threat actors are using AI to assist in every stage of the attack, from ...
Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya’s INKY. ...
CyberheistNews Vol 16 #07 | February 17th, 2026 Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA KnowBe4 Threat Labs has detected a sophisticated phishing campaign ...
North Korean hackers continue to target software developers via social engineering attacks, according to researchers at Recorded Future.
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass ...
The first requirements set forth for the EU AI Act start this month (February). Luckily, this regulation starts with some of the easiest components to comply with; these are related to ...
A new malware-as-a-service (MaaS) kit called “Stanley” is offering users guaranteed publication in the Chrome Web Store, bypassing Google’s security verification process, according to ...
We are very excited that 2025 broke all of our records for usage and quality ratings of our content on the platform! Our 2025 records were driven by a notable trend: more frequent ...
Researchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on ...
Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry ...
A new survey by Vodafone Business found that more than 10% of companies in the UK would likely go out of business if they were hit by a major cyber incident, such as a ransomware attack, ...
