Phishing
Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns.
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates.
Email Security
A sophisticated phishing campaign abuses weakness in Google Sites to spoof Google no-reply addresses and bypass protections.
Artificial Intelligence
Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.
Email Security
‘PoisonSeed’ phishing campaign targets CRM and bulk email providers to distribute “crypto seed phrase” messages.
Phishing
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.
Phishing
A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
Phishing
A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.
Phishing
Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.
Cybercrime
Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect...
Phishing
Noteworthy stories that might have slipped under the radar: several multi-million dollar settlements, CrowdStrike-themed phishing emails, and MITRE launches D3FEND 1.0.
Phishing
Fortinet warns of a phishing campaign that uses legitimate links to take over the victims’ PayPal accounts.
Incident Response
The 15th edition of NATO’s Locked Shields cyber defense exercise brought together 4,000 experts from 41 countries.
Vulnerabilities
Vulnerabilities
Malware & Threats
Management & Strategy
Artificial Intelligence