A new phishing tactic known as Precision-Validated Phishing is being leveraged by cybercriminals to enhance the effectiveness of credential theft campaigns. This technique uses real-time email validation.

A recent phishing campaign has been uncovered targeting Spotify users through a spoofed email that mimics official Spotify communications. The attackers embedded legitimate Spotify URLs within the email to lend credibility.

A recent phishing campaign exploits the timing of Q1 evaluations by impersonating internal HR communications to deceive employees. The campaign culminates in credential theft via a spoofed Microsoft login page.

A recent phishing campaign leverages a dual-threat strategy combining credential harvesting and malware delivery. Disguised as a file deletion alert, the attack exploits user trust to deploy the ConnectWise RAT or steal Office365 credentials.

A new proof-of-concept attack dubbed Cookie-Bite demonstrates how a malicious Chrome extension can steal Azure Entra ID session cookies to bypass multi-factor authentication (MFA) and maintain unauthorized access to Microsoft cloud services.

Launched in June 2024, SheByte has rapidly gained traction among cybercriminals by offering customizable phishing kits and a subscription model, signaling a durable presence in the threat landscape.

A newly uncovered espionage campaign by the Billbug group (aka Lotus Blossom, Lotus Panda, Bronze Elgin) targeted multiple Southeast Asian organizations between August 2024 and February 2025.

A widespread and ongoing SMS phishing (smishing) campaign has been targeting toll road users across eight U.S. states since mid-October 2024. The campaign impersonates electronic toll systems.

A coordinated fraud campaign is targeting investors using fake investment platforms, impersonation tactics, and compromised legitimate websites. These schemes aim to steal financial data and defraud victims through social engineering.

STYX Market is a rapidly growing dark web marketplace that has emerged as a central hub for financially motivated cybercriminals. Launched in 2023, it specializes in the sale of stealer logs, access credentials, and identity documents.