Attackers are abusing the storage and sharing features of Kuse, a free AI app, to assist in phishing campaigns, according to researchers at Trend Micro. Kuse is a legitimate agentic AI platform used by employees to streamline workflows. Users can share files with coworkers, which generates a link hosted on Kuse’s domain. In this case, attackers are abusing the share feature to generate legitimate-looking phishing links.
“The URL used the legitimate domain app[.]kuse[.]ai and contained spaces, commas, and periods,” Trend Micro explains. “Moreover, the URL mimicked a legitimate document using the compromised vendor’s company name. These links were presumably put in emails sent from mailboxes belonging to the compromised vendor, aimed at the target organization. This tactic was meant to confuse users and automated scanners. Because the Markdown file extension (.md) is less commonly used in phishing attempts than document (e.g., .pdf, .docx) and webpage (e.g., .html, .aspx) file extensions, it can bypass filter signatures and heuristic rules that focus on more typical malicious file extensions.”
If a user clicked the link, they’d be taken to a legitimate Kuse workspace that displayed a blurred document preview accompanied by another link to reveal the document. This link led to a spoofed Microsoft login page designed to steal the user’s credentials.
“Threat actors are always looking for new vectors to exploit the inherent trust placed in legitimate platforms,” Trend Micro says. “They abuse the storage and sharing capabilities of free services, as well as the growing interest in AI-powered web applications. Using the Markdown (.md) file extension as the delivery format, combined with a VEC to establish trust at the point of delivery, demonstrates a multi-layered social engineering approach designed to evade both automated defenses and human scrutiny, which in turn highlights the need for layered protection and heightened user awareness.”
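A triage check for the link traits described above (legitimate share host, .md extension, spaces, commas and periods in a document-style name carrying a vendor's name), added here as an example and not taken from Trend Micro or KnowBe4. Only the host app.kuse.ai comes from the report; the `/share/` path layout, the sample links and the vendor name "Example Vendor" are constructed assumptions.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Only app.kuse.ai comes from the report; extend with other share hosts you see.
WATCHED_SHARE_HOSTS = {"app.kuse.ai"}
# Extensions that rules tuned for .pdf/.docx/.html/.aspx tend to skip.
UNCOMMON_EXTENSIONS = {".md"}
NAME_PUNCTUATION = {" ": "space-in-name", ",": "comma-in-name", ".": "period-in-name"}


def refang(url):
    """Undo common defanging (hxxp, [.]) so the URL can be parsed."""
    return url.strip().replace("[.]", ".").replace("hxxp", "http", 1)


def link_traits(url, vendor_names=()):
    """Return which traits from the report a link shows ([] if host not watched)."""
    parts = urlsplit(refang(url))
    if (parts.hostname or "").lower() not in WATCHED_SHARE_HOSTS:
        return []
    traits = ["watched-share-host"]
    # Decode first: %20 and %2C hide the spaces and commas from naive matching.
    name = posixpath.basename(unquote(parts.path))
    stem, ext = posixpath.splitext(name)
    if ext.lower() in UNCOMMON_EXTENSIONS:
        traits.append("uncommon-extension")
    traits += [label for ch, label in NAME_PUNCTUATION.items() if ch in stem]
    if any(v.lower() in name.lower() for v in vendor_names):
        traits.append("vendor-name-in-filename")
    return traits


def needs_review(url, vendor_names=()):
    """Escalate a watched-host link pairing the odd extension with a document-style name."""
    traits = set(link_traits(url, vendor_names))
    named_like_document = traits & (set(NAME_PUNCTUATION.values()) | {"vendor-name-in-filename"})
    return "uncommon-extension" in traits and bool(named_like_document)


# Constructed sample links; the /share/ path layout is an assumption.
SAMPLES = [
    "hxxps://app[.]kuse[.]ai/share/Example%20Vendor%2C%20Inc.%20Invoice.md",
    "https://app.kuse.ai/share/notes.md",
    "https://example.com/docs/README.md",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(needs_review(link, ["Example Vendor"]), link_traits(link, ["Example Vendor"]))
```

Feed `vendor_names` from your own supplier list, since the lure arrives from a compromised vendor's mailbox and sender reputation alone will not flag it.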
Trend Micro has the story: Kuse Web App Abused to Host Phishing Document
