Australia’s Cyber Security Centre warned organizations about ClickFix social-engineering attacks using compromised WordPress sites to deliver Vidar Stealer via user-executed
Microsoft disclosed an AiTM phishing campaign targeting 35,000 users in 13,000 organizations across 26 countries between April 14–16, 2026, bypassing
An adversary-in-the-middle phishing campaign hit 35,000 workers across 13,000 organizations in 48 hours, using fake HR emails to bypass MFA
China-linked Silver Fox deployed a new ABCDoor backdoor through tax-themed phishing targeting both Indian and Russian filers simultaneously — a
Threat actors are systematically abusing Amazon SES to send phishing emails that pass SPF, DKIM, and DMARC checks — turning
Apple account change alerts misused for phishing, mimicking legitimate iPhone purchase notices.
The FBI and Indonesian authorities have dismantled the global phishing platform “W3LL” and arrested its alleged creator in the first
Cyber attackers use Google-hosted pages to trick open source developers with fake credentials and take control.
Russian APT28 exploits spear-phishing in Ukraine with a novel malware, PRISMEX, harnessing advanced steganography and COM hijacking.
UAT-10362 threatens Taiwanese NGOs with new LucidRook malware.
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.