Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now
June 4, 2026 KnowBe4 Team

Chinese-Language Phishing Kits Are Growing More Advanced

Google’s Threat Intelligence Group (GTIG) is tracking phishing-as-a-service offerings in the rapidly expanding Chinese cybercriminal ecosystem, noting that at least a dozen of these ...

May 22, 2026 KnowBe4 Team

Report: The Tycoon 2FA Phishing Kit Has Evolved

The Tycoon 2FA phishing-as-a-service platform is now using OAuth device code phishing to compromise devices that are protected by multifactor authentication, according to eSentire’s ...

February 18, 2026 Roger Grimes

Your Password Needs To Be 25 Characters or Longer Due to AI and Quantum Attacks

Prior to my further research into AI and quantum for my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I had pretty solid password policy recommendations:

February 12, 2026 KnowBe4 Threat Lab

Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and ...

December 22, 2025 KnowBe4 Team

New BlackForce Phishing Kit Bypasses Multifactor Authentication

Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, ...

November 13, 2025 KnowBe4 Team

Tycoon 2FA Phishing Kit Grows More Sophisticated

Cybereason warns that the Tycoon 2FA phishing kit continues to receive upgrades, allowing unskilled cybercriminals to launch sophisticated social engineering attacks. The platform is ...

September 10, 2025 Martin Kraemer

"Yep, I got pwned. Sorry everyone, very embarrassing."

In essence, that is the disclosure and notification message that the open-source developer "qix" sent to the world when he was social engineered to give up access credentials to his ...

August 28, 2025 KnowBe4 Team

New Phishing Kit Bypasses MFA to Steal Microsoft 365 Credentials

Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to ...

July 31, 2025 Roger Grimes

Malicious Connectors Potentially Impact Hundreds of Millions of Microsoft 365 Users

Most Microsoft 365 users aren’t aware of this recently growing serious email threat vector.

June 6, 2025 Roger Grimes

Fake MFA Reset Warning Message

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).

Subscribe

Subscribe To Our Blog

Human Ready. AI Ready. One Plaform.

Posts By Topic

View all topics >