Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates
Cybercriminals are hijacking freight shipments by deploying legitimate Remote Monitoring and Management (RMM) tools through phishing campaigns. Once inside logistics
Cybercriminals are increasingly exploiting the OAuth 2.0 device code flow to bypass multi-factor authentication, a tactic known as device code
A new phishing technique called “CoPhish” exploits Microsoft Copilot Studio to deliver OAuth-based attacks through legitimate Microsoft domains. By embedding
Moroccan cybercriminals—tracked as Jingle Thief/Atlas Lion/Storm-0539—use sophisticated phishing and Entra ID abuse to hijack Microsoft 365 workflows and issue fraudulent
This detailed guide explores eleven prevalent social engineering attack types, explaining their mechanisms and offering practical preventative measures for individuals
The Co-operative Group has disclosed over $100 million in profit losses from the April 2025 Scattered Spider cyberattack. The breach
Iranian state-backed hackers have launched a phishing campaign compromising 104 email accounts and targeting 50+ embassies, ministries, and organizations worldwide.
A new phishing campaign is distributing the UpCrypter malware loader through fake voicemail and purchase order emails. Targeting industries worldwide,
Deepfake-enabled vishing attacks are skyrocketing, with criminals using AI-cloned voices to impersonate executives, officials, and loved ones. These scams bypass
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.