social engineering

How cybercriminals exploit psychological triggers in social engineering attacks
Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly …

UK retailers under cyber attack: Co-op member data compromised
UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same …

Property renters targeted in simple BEC scam
Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam …

When confusion becomes a weapon: How cybercriminals exploit economic turmoil
It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across …

The Zoom attack you didn’t see coming
Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy …

If you think you’re immune to phishing attempts, you’re wrong!
Security consultant Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, has revealed that he got tricked by a clever phishing email, and that the attacker gained …

2024 phishing trends tell us what to expect in 2025
Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which …

6 considerations for 2025 cybersecurity investment decisions
Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the …

Threat actors are using legitimate Microsoft feature to compromise M365 accounts
Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) …

North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called …

Ransomware attackers are “vishing” organizations via Microsoft Teams
The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to …

Scam Yourself attacks: How social engineering is evolving
We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in …
Featured news
Resources
Don't miss
- NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
- Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)
- Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO
- LLMs at the edge: Rethinking how IoT devices talk and act
- How to build a secure AI culture without shutting people down