KnowBe4 Blog

FBI: Americans Lost More Than $20 billion to Fraud Last Year

Cyber-enabled crimes cost Americans nearly $21 billion in 2025, a 26% increase from the previous year, according to the FBI’s latest Internet Crime Report. Phishing, extortion, and ...

Phishing Campaigns Abuse AI Workflow Automation Platforms

Threat actors are abusing agentic AI automation platforms to deliver malware and send phishing emails, according to researchers at Cisco Talos. The researchers observed attackers using ...

CyberheistNews Vol 16 #16 How Identity at the Edge Highlights the New Frontiers of Trust

Alert: WhatsApp Phishing Campaign Delivers Malware

A new phishing campaign is using WhatsApp messages to deliver malware, according to researchers at Microsoft. The attackers are attempting to trick users into installing malicious Visual ...

Survey: Security Leaders Emphasize Need for Workforce Education

A new survey from LevelBlue has found that a majority of Chief Technology Officers (CTOs) believe the human-related elements of their cybersecurity strategies are falling short. These ...

CyberheistNews Vol 16 #15 Anthropic's Mythos Is Not Just a Tool. It's Something You Have to Contain.

New Phishing Kit Streamlines ClickFix Attacks

A new commodity phishing kit called “Venom Stealer” allows threat actors to automate ClickFix attacks, according to researchers at BlackFog. ClickFix is a social engineering technique ...

Phishing Campaign Targets Japanese Firms During Tax Season

A criminal threat actor called “Silver Fox” is launching tax-themed phishing attacks against Japanese companies during the country’s tax season, according to researchers at ESET.

Phishing Campaign Impersonates Palo Alto Networks Recruiters

Threat actors are impersonating Palo Alto Networks recruiters to target job seekers, according to researchers with Palo Alto’s Unit 42 security team. “These attacks specifically target ...

Voice Phishing is a Growing Social Engineering Threat

Voice phishing (vishing) overtook email-based phishing as a top initial intrusion vector in 2025, according to a new report from Mandiant. Notably, vishing is live and interactive, giving ...