Deepfake Training: A Strategic Advantage Against Emerging Threats

Deepfake attacks have become more compelling and realistic than ever before.

North Korean Job Invitation

A friend of mine, John D., received this outreach on Threads (see below). At first, he thought it was the standard fake employer scam, but it is more than that. It is very likely part of ...

[Beware] Microsoft Teams 'Chat with Anyone' invites aren't always safe

Researchers at CyberProof warn that threat actors are launching phishing attacks via Microsoft Teams' “Chat with Anyone” feature, which lets external users send direct messages via email ...

Report: Phishing Has Surged 400% Year-Over-Year

Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts.

Warning: Phishing Campaign Leveraging Evilginx Targets U.S. Universities

Threat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at ...

Notorious Cybercrime Group is Now Targeting Zendesk Users

ReliaQuest warns that the cybercriminal collective “Scattered Lapsus$ Hunters” appears to be using social engineering attacks to target organizations’ Zendesk instances.

Malicious AI Tools Assist in Phishing and Ransomware Attacks

Researchers at Palo Alto Networks’ Unit 42 are tracking two new malicious AI tools, WormGPT 4 and KawaiiGPT, that allow threat actors to craft phishing lures and generate ransomware code.

Report: Sophisticated Fraud Attacks Are on the Rise

Sophisticated online fraud techniques are growing more accessible to unskilled attackers, driven by AI tools and fraud-as-a-service platforms, according to Sumsub’s latest Identity Fraud ...

The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing ...

New Criminal Toolkit Abuses Browser Push Notifications

A new criminal platform called “Matrix Push C2” is using browser notifications to launch social engineering attacks, according to researchers at BlackFog.