Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
Users should be particularly wary of holiday-themed scams over the next few weeks, according to researchers at Malwarebytes. “Mobile-first shopping has become second nature, and during ...
A large phishing campaign is using phony seasonal party invites to trick users into installing remote management and monitoring (RMM) tools, according to researchers at Symantec.
Users and organizations should be prepared for a surge in phishing attacks over the next several weeks, as attackers take advantage of the holiday shopping season, according to a new ...
A new phishing kit is impersonating the Italian IT and web services provider Aruba, according to researchers at Group-IB. The kit is designed to trick users into entering their Aruba ...
Researchers at Push Security warn of an extremely convincing ClickFix attack posing as a Cloudflare verification check. ClickFix is a social engineering technique that tricks the victim ...
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users ...
AI-fueled cyberattacks are increasingly targeting entities across Africa, according to Robert Lemos at Dark Reading. Lemos cites two recent reports from Microsoft and Group-IB that warned ...
A phishing campaign is using invisible characters to evade security filters, according to Jan Kopriva at the SANS Internet Storm Center.
I received this email the other day to my personal email account. It is a “Security Alert” from “Microsoft Helpdesk.” Oh, my!
A phishing campaign is targeting LastPass users with phony notifications informing users that someone has notified the company of the user’s death and is trying to gain access to their ...
A phishing campaign is impersonating Google Careers to target job seekers, according to researchers at Sublime Security.
A phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications, BleepingComputer reports.
Threat actors are abusing X’s generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it’s answering a ...
Cybernews warns that threat actors will likely take advantage of the recent AWS outage to launch phishing attacks against affected users.
Phishing was the initial access vector for 60% of cyberattacks across Europe between July 2024 and June 2025, according to the European Union Agency for Cybersecurity (ENISA).
Employees who multitask are significantly more vulnerable to phishing attacks, according to a study from the University at Albany published in the European Journal of Information Systems.
Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters.
A new report has found that nearly 40% of security leaders believe their organizations are least prepared for phishing and other social engineering attacks, Help Net Security reports.
A survey by Gartner found that 62% of organizations have been hit by a deepfake attack in the past twelve months, Infosecurity Magazine reports.
Welcome back. In our last blog post, we talked about the great divide between tech-focused and people-focused security.
