Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
phishing
Why phishing still works today

In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines …

cybercrime
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform

Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and …

OAuth
Threat actors weaponize OAuth redirection logic to deliver malware

An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have …

ransomware
Ransomware activity peaks outside business hours

Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response …

airplane
Airline brands become launchpads for phishing, crypto fraud

Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike …

Poland arrest
Police seize 100,000 stolen Facebook credentials in cybercrime raid

Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment …

arrest
Men sentenced to 8 years in $1.3 million computer intrusion and tax fraud scheme

Matthew A. Akande, a Nigerian national, was sentenced by a U.S. District Court to eight years in prison, followed by three years of supervised release, for his role in a …

social engineering
AI-driven scams are eroding trust in calls, messages, and meetings

In this Help Net Security video, Miguel Fornés, Governance and Compliance Manager at Surfshark, discusses how AI is changing social engineering attacks. He describes how tasks …

Signal app
State-backed phishing attacks targeting military officials and journalists on Signal

German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, …

attack
AI is driving a new kind of phishing at scale

Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers …

1Password
1Password targets AI-driven phishing with built-in prevention

To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share …

energy sector
Energy sector orgs targeted with AiTM phishing campaign

Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools