Commodity phishing platforms are now a central component of the cybercriminal economy, according to researchers at Flare. These platforms allow threat actors of all skill levels to carry ...
A new survey by Vodafone Business found that more than 10% of companies in the UK would likely go out of business if they were hit by a major cyber incident, such as a ransomware attack, ...
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an ...
One of my first intentional “to-dos” this year has been spending time with the World Economic Forum’s Global Cybersecurity Outlook 2026, a report I was privileged to actively contribute ...
With organizations collecting and storing massive amounts of personal data these days, much of which people share freely, we need to become better at protecting data on both the storing ...
Scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports. QR code phishing (quishing) is already more difficult to detect, since ...
Forty percent of employees have never received cybersecurity training, according to a new report from Yubico. That number rises to nearly sixty percent for employees working for small ...
A widespread phishing campaign is targeting LinkedIn users by posting comments on users’ posts, BleepingComputer reports. Threat actors are using bots to post the comments, which ...
For those of you who are like me, when I first heard about the new EU AI Act, I had flashbacks to the implementation of the General Data Protection Act (GDPR) back in 2018. There are ...
A survey by the World Economic Forum (WEF) found that 47% of organizations cite the advancement of adversarial capabilities as their top concern surrounding generative AI.
Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a ...
Microsoft was the most commonly impersonated brand in phishing attacks during the fourth quarter of 2025, according to researchers at Guardio. Microsoft was followed by Facebook, Roblox, ...
Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry.
WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations.
ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are ...
Researchers at Gen warn that a phishing campaign is attempting to trick users into linking malicious devices to their WhatsApp accounts.
The North Korean threat actor “Kimsuky” is using QR codes to trick users into installing malicious mobile apps, according to security researchers at ENKI. The phishing sites, which ...
Amazon has blocked more than 1,800 suspected North Korean applicants from joining the company since April 2024, TechRadar reports. Amazon’s Chief Security Officer, Stephen Schmidt, said ...
Over 90% of parked domains now direct users to malicious content, compared to less than 5% a decade ago, according to researchers at Infoblox.
Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, ...
