Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report from LevelBlue.
ClickFix attacks have been around for decades; only the name is new.
Attackers are using Microsoft Teams calls to trick users into installing the Matanbuchus malware loader, which frequently precedes ransomware deployment, according to researchers at ...
There is no other way to say it clearer, social engineering is going to be a lot, lot worse soon and far more successful than it is today. And that’s saying a lot. It’s already pretty bad.
More than one in ten people who were targeted by job scams this year fell victim, according to a report from Resume.org.
Scammers are using over 17,000 phony news sites to push investment fraud, according to a new report from CTM360.
The US Federal Trade Commission (FTC) has issued an advisory warning of job scams that impersonate well-known companies with tempting employment opportunities.
The US FBI and cybersecurity experts are warning that the Scattered Spider extortion gang has shifted its focus to the aviation and transportation sectors, BleepingComputer reports.
Employees are expected to behave securely, and the definition of “securely” is often written down in a myriad of security policies. Yet, people do not always comply with security policies ...
Researchers at Bitdefender warn of a wave of social engineering attacks targeting WhatsApp accounts.
Cybersecurity has long focused on fortifying networks, securing endpoints and blocking malicious code.
Social engineering remains a primary initial access vector for cybercriminals, according to a new report from Europol.
AI-generated voice deepfakes present an urgent threat to organizations, according to researchers at Pindrop.
Lead Researchers: James Dyer and Louis Tiley Between May 5 and May 7, 2025, KnowBe4 Threat Lab identified a phishing campaign originating from accounts created on the legitimate service ...
Researchers at Google’s Mandiant have published a report on voice phishing (vishing) attacks, noting that these attacks have served as initial access points for recent waves of ransomware ...
What is AI really? Throughout this article, I will remove the hype and get to the most honest answer ever.
Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent.
OpenAI has published a report looking at AI-enabled malicious activity, noting that threat actors are increasingly using AI tools to assist in social engineering attacks and influence ...
A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat ...
When it comes to cybersecurity, organizations face an ever-present and often underestimated threat: human risk.
