Two MDO field reports every IT security lead should read
The post Two MDO field reports every IT security lead should read appeared first on Blog. Tyler Swinehart, Director of...
Phishing
Phishing LNK files and GitHub C2 power new DPRK cyber attacks
Phishing LNK files and GitHub C2 power new DPRK cyber attacks Pierluigi Paganini April 06, 2026 DPRK-linked hackers use GitHub...
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing Pierluigi Paganini April 02, 2026 Threat actors impersonated CERT-UA...
Gmail’s New Rename Feature Could Add Spam and Phishing to Your Inbox
As of March 31st, Google is allowing users to change their primary Gmail address username. Although a nice feature...
Shut the Front Door on Email Attacks: How to Scale Security Services Without Increasing Workload
Email remains the primary entry point for cyberattacks, driven largely by phishing and account compromise. For attackers, it is...
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
Ravie LakshmananApr 01, 2026Malware / Windows Security A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America...
Incident responders, s’il vous plait: Invites lead to odd malware events
Sophos’ Managed Detection and Response (MDR) teams reported on a phishing campaign late last year that attempted to trick users...
Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave
Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave Pierluigi Paganini March 30, 2026 Russia-linked TA446...
New AITM phishing wave hijacks TikTok Business accounts
New AITM phishing wave hijacks TikTok Business accounts Pierluigi Paganini March 27, 2026 A new AITM phishing campaign targets TikTok...
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ravie LakshmananMar 27, 2026Ransomware / Malware Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for...
SEC Rules – Crypto IS A Security – Sometimes
There’s a classic Saturday Night Live sketch where Chevy Chase and Gilda Radner pitch “Shimmer”—a product that’s both a...
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...
IRONSCALES Launches Email Attack of the Day, a Daily Threat Intelligence Series for Security Teams
IRONSCALES is bringing a new threat intelligence series to the security community, launching “Email Attack of the Day” at...
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal in phishing campaign Pierluigi Paganini March 22, 2026 Russia-linked actors target WhatsApp and Signal...
Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme
Image: Generated via Google’s Nano Banana A new phishing scam is raising concerns after reports showed that Apple Mail can...
