Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Human Risk Management Blog

Cybercrime

We report on the latest trends in cybercrime to help you stay informed and aware of what the current threat landscape looks like.

View Topics

Feb 17, 2026 5:00:00 PM By KnowBe4 Team

Warning: Attackers Are Using DKIM Replay Attacks to Bypass Security Filters

Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya’s INKY. ...

Feb 17, 2026 9:00:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #07 Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

CyberheistNews Vol 16 #07 | February 17th, 2026 Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA KnowBe4 Threat Labs has detected a sophisticated phishing campaign ...

Feb 12, 2026 2:30:00 PM By KnowBe4 Team

Voice Phishing Kits Give Threat Actors Real-Time Control Over Attacks

Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass ...

Feb 10, 2026 9:00:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #06 Trusted Platform but Same Old Phish: Now LinkedIn DMs Target Your Execs

Feb 6, 2026 11:00:01 AM By KnowBe4 Team

New Malware Kit Promises Guaranteed Publication in the Chrome Web Store

A new malware-as-a-service (MaaS) kit called “Stanley” is offering users guaranteed publication in the Chrome Web Store, bypassing Google’s security verification process, according to ...

Feb 5, 2026 4:30:00 PM By KnowBe4 Team

Attackers Can Use LLMs to Generate Phishing Pages in Real Time

Researchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on ...

Feb 5, 2026 12:30:00 PM By KnowBe4 Team

The Phishing-as-a-Service Economy is Thriving

Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry ...

Feb 4, 2026 12:00:02 PM By KnowBe4 Team

Report: One in Ten UK Companies Wouldn’t Survive a Major Cyberattack

A new survey by Vodafone Business found that more than 10% of companies in the UK would likely go out of business if they were hit by a major cyber incident, such as a ransomware attack, ...

Feb 3, 2026 9:30:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #05 [Heads Up] New “Fancy” QR Codes Are Making Quishing More Dangerous

CyberheistNews Vol 16 #05 | February 3rd, 2026 [Heads Up] New “Fancy” QR Codes Are Making Quishing More Dangerous QR code phishing scammers are increasingly using visually stylized QR ...

Jan 27, 2026 9:00:01 AM By KnowBe4 Team

CyberheistNews Vol 16 #04 The Skeleton Key: How Attackers Weaponize Trusted RMM Tools for Backdoor Access

Jan 22, 2026 8:00:00 AM By KnowBe4 Threat Lab

The Skeleton Key: How Attackers Weaponize Trusted RMM Tools for Backdoor Access

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world ...

Jan 20, 2026 12:00:00 PM By KnowBe4 Team

Report: Scammers Stole $17 Billion Worth of Crypto Last Year

Scammers stole an estimated $17 billion worth of cryptocurrency in 2025, according to a new report from Chainalysis. Notably, the report found that AI-assisted scams stole 4.5 times more ...

Jan 20, 2026 9:00:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #03 [New Scam] AI Deepfakes Religious Leaders to Steal Your Money

Jan 15, 2026 11:45:00 AM By KnowBe4 Team

Threat Actors Exploit Misconfigurations to Spoof Internal Emails

Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a ...

Jan 13, 2026 1:00:00 PM By KnowBe4 Team

AI Deepfakes Are Impersonating Religious Figures to Solicit Donations

WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations.

Jan 13, 2026 9:00:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #02 When You Can't Believe Your Eyes: AI and the New Misinformation Playbook

Jan 9, 2026 3:00:00 PM By Roger Grimes

ConsentFix Attacks Fake Cloudflare Prompts

ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are ...

Jan 6, 2026 9:00:00 AM By KnowBe4 Team

CyberheistNews Vol 16 #01 AI & Cybersecurity in 2026: Top 10 Predictions for Threats and Defenses

Dec 31, 2025 9:00:00 AM By KnowBe4 Team

Amazon Warns of Fraudulent North Korean Job Applicants

Amazon has blocked more than 1,800 suspected North Korean applicants from joining the company since April 2024, TechRadar reports. Amazon’s Chief Security Officer, Stephen Schmidt, said ...

Dec 30, 2025 9:00:02 AM By KnowBe4 Team

New ConsentFix Technique Tricks Users Into Handing Over OAuth Tokens

Researchers at Push Security have observed a new variant of the ClickFix attack that combines “OAuth consent phishing with a ClickFix-style user prompt that leads to account compromise.”

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.