A survey by the World Economic Forum (WEF) found that 47% of organizations cite the advancement of adversarial capabilities as their top concern surrounding generative AI.
Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a ...
Microsoft was the most commonly impersonated brand in phishing attacks during the fourth quarter of 2025, according to researchers at Guardio. Microsoft was followed by Facebook, Roblox, ...
Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry.
WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations.
ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are ...
Researchers at Gen warn that a phishing campaign is attempting to trick users into linking malicious devices to their WhatsApp accounts.
The North Korean threat actor “Kimsuky” is using QR codes to trick users into installing malicious mobile apps, according to security researchers at ENKI. The phishing sites, which ...
Amazon has blocked more than 1,800 suspected North Korean applicants from joining the company since April 2024, TechRadar reports. Amazon’s Chief Security Officer, Stephen Schmidt, said ...
Over 90% of parked domains now direct users to malicious content, compared to less than 5% a decade ago, according to researchers at Infoblox.
Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, ...
Eighty-one percent of small businesses suffered a security or data breach over the past year, and 38% of these businesses were forced to raise their prices as a result, a report from the ...
A popular phone call/voicemail scam (i.e., vishing) involves someone calling you, claiming to be law enforcement with a warrant for your arrest, and then offers you an opportunity to ...
Today, anyone can find a picture of absolutely anybody and it is also not difficult to find a sample of their voice. By combining these it is shockingly easy to create a realistic AI ...
A phishing campaign is targeting executives with phony offers for awards, according to researchers at Trustwave SpiderLabs. The attackers first dupe the victims into handing over their ...
Malwarebytes warns that threat actors are abusing the free Cloudflare Pages service to host phishing portals, helping the phishing sites avoid detection by security scanners.
Deepfake attacks have become more compelling and realistic than ever before.
A friend of mine, John D., received this outreach on Threads (see below). At first, he thought it was the standard fake employer scam, but it is more than that. It is very likely part of ...
Researchers at CyberProof warn that threat actors are launching phishing attacks via Microsoft Teams' “Chat with Anyone” feature, which lets external users send direct messages via email ...
Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts.
