The phishing campaign begins with a spoofed email impersonating a legitimate company that provides disability and health equipment. The email contains a link to a fake invoice hosted on script[.]google[.]com, a legitimate Google domain.

A new phishing technique known as Fullscreen Browser-in-the-Middle (BitM) attack is exploiting standard browser functionality to deceive users into submitting credentials on fake login pages.

A new phishing campaign leveraging the Tycoon2FA Phishing-as-a-Service (PhaaS) platform has been linked to the threat actor Storm-1575, also known for the Dadsec platform.

A highly targeted spearphishing campaign is actively targeting CFOs and financial executives in banks, investment firms, energy utilities, and insurance companies across Europe, Africa, Canada, the Middle East, and South Asia.

A new stealthy attack technique is leveraging Distributed Component Object Model (DCOM) objects on Windows systems to harvest credentials without deploying payloads or triggering traditional security alerts.

A sophisticated phishing campaign has been uncovered that impersonates Coursera and offers a free Meta Social Media Marketing certificate to lure victims into a multi-stage phishing trap.

A phishing campaign has been uncovered targeting Indian air travelers by impersonating the DigiYatra Foundation through a fraudulent website, digiyatra[.]in. This site harvests personal data under the guise of a legitimate flight booking service.

A series of sophisticated phishing campaigns are targeting macOS users by distributing fake Ledger Live applications designed to steal 24-word seed phrases used to access cryptocurrency wallets.

A newly identified phishing campaign is targeting mobile users by injecting malicious JavaScript into websites to redirect them to adult-content Progressive Web Apps (PWAs).

The FBI has issued a public service announcement warning of a surge in AI-generated voice deepfake attacks targeting U.S. government officials since April 2025. These leverage advanced voice cloning technologies to impersonate senior officials.