phishing

10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and …

Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal …

Phishers target FCC, crypto holders via fake Okta SSO pages
A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users …

95% believe LLMs making phishing detection more challenging
More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI …

Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT
76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea. …

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack
Pepco Group has confirmed that its Hungarian business has been hit by a “sophisticated fraudulent phishing attack.” The European company, which operates shops …

Understanding employees’ motivations behind risky actions
More 68% of employees knowingly put their organizations at risk, potentially leading to ransomware or malware infections, data breaches, or financial loss, according to …

Pikabot returns with new tricks up its sleeve
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader …

Secure email gateways struggle to keep pace with sophisticated phishing campaigns
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 …

Clean links and sophisticated scams mark new era in email attacks
Analysis of 7 billion emails shows clean links are duping users, malicious EML attachments increased 10-fold in Q4, and social engineering attacks are at all-time highs, …

Corporate users getting tricked into downloading AnyDesk
Hackers are leveraging the AnyDesk remote desktop application in a phishing campaign targeting employees, Malwarebytes warns. The AnyDesk phishing campaign In a phishing …

Protecting against AI-enhanced email threats
Generative AI based on large language models (LLMs) has become a valuable tool for individuals and businesses, but also cybercriminals. Its ability to process large amounts of …
Featured news
Resources
Don't miss
- It’s time to secure the extended digital supply chain
- SysReptor: Open-source penetration testing reporting platform
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
- 8Base ransomware group leaders arrested, leak site seized
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)