phishing
Why phishing still works today
In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines …
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and …
Threat actors weaponize OAuth redirection logic to deliver malware
An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have …
Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response …
Airline brands become launchpads for phishing, crypto fraud
Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike …
Police seize 100,000 stolen Facebook credentials in cybercrime raid
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment …
Men sentenced to 8 years in $1.3 million computer intrusion and tax fraud scheme
Matthew A. Akande, a Nigerian national, was sentenced by a U.S. District Court to eight years in prison, followed by three years of supervised release, for his role in a …
AI-driven scams are eroding trust in calls, messages, and meetings
In this Help Net Security video, Miguel Fornés, Governance and Compliance Manager at Surfshark, discusses how AI is changing social engineering attacks. He describes how tasks …
State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, …
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers …
1Password targets AI-driven phishing with built-in prevention
To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share …
Energy sector orgs targeted with AiTM phishing campaign
Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started …
Featured news
Resources
Don't miss
- Extortion crew hijacks Microsoft 365 accounts via fake passkey setup
- Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)
- 5,811 arrests, $293 million seized over social engineering scams
- Your coding agent says no in chat and yes in the code
- Malicious AI agent skills can slip past the scanners built to stop them