Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
The Tycoon 2FA phishing-as-a-service platform is now using OAuth device code phishing to compromise devices that are protected by multifactor authentication, according to eSentire’s ...
By Bree Fowler, contributor Artificial intelligence is dramatically changing the digital threat landscape and how security professionals fight back against the cybercriminals that use ...
There is no question that AI is changing cybersecurity in a massive way. In many respects, its impact is comparable to the rise of the internet. AI tools are helping organizations improve ...
2026 has officially become the year of speed, scale and support. The delta between a phishing email landing and a full organizational compromise has shrunk to mere seconds.
GitHub disclosed that attackers accessed its internal repositories after compromising an employee device through a poisoned Visual Studio Code extension. The company said the activity ...
A phishing campaign exploited a glitch in Robinhood’s account creation process to send phishing emails from the investment platform’s own systems, SecurityWeek reports.
UK residents lost £102 million ($138 million US) to romance scams in 2025, according to a new report from the City of London Police.
Attackers are abusing the storage and sharing features of Kuse, a free AI app, to assist in phishing campaigns, according to researchers at Trend Micro. Kuse is a legitimate agentic AI ...
A new report from the US Federal Trade Commission (FTC) has found that Americans lost $2.1 billion in 2025 to scams that began on social media. Nearly 30% of people who reported losing ...
Researchers at Bitdefender warn that Netflix-themed phishing attacks can have far-reaching consequences if users follow poor security practices. While Netflix is generally associated with ...
Researchers at Google’s Threat Intelligence Group (GTIG) are tracking a new threat actor that’s impersonating help desks to trick users into installing malware. The threat actor, which ...
Cyber-enabled crimes cost Americans nearly $21 billion in 2025, a 26% increase from the previous year, according to the FBI’s latest Internet Crime Report. Phishing, extortion, and ...
Threat actors are abusing agentic AI automation platforms to deliver malware and send phishing emails, according to researchers at Cisco Talos. The researchers observed attackers using ...
A new commodity phishing kit called “Venom Stealer” allows threat actors to automate ClickFix attacks, according to researchers at BlackFog. ClickFix is a social engineering technique ...
The old rules for spotting a phishing email are changing. Remember looking for bad grammar and clumsy spelling? Thanks to AI, hackers' emails are increasingly polished and hard to spot. ...
The US Federal Bureau of Investigation (FBI) has issued an advisory warning of a phishing campaign that’s impersonating city and county officials to send phony requests for permit fees.
I’ve been contacted by the real Kroll (www.kroll.com) a few times over the last few years regarding various real class action lawsuits they are involved in, including as recently as a few ...
Messaging platforms are now a major vector for phishing and other social engineering attacks, according to a new report from NCC Group’s Fox-IT.
Our increasing dependence on the internet and, specifically, email for business and personal communication has produced the perfect environment for cybercriminals to launch phishing ...
A friend posted this on Facebook and it came up on my feed.
