Why it's time for phishing prevention to move beyond email
While phishing has evolved, email security hasn't kept up. Attackers now bypass MFA & detection tools with advanced phishing ...
Infosecurity Magazine18h
Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge
Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025 ...
SecurityWeek18h
Scareware Combined With Phishing in Attacks Targeting macOS Users
A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
Cybernews14h
Cybercriminals upgrade Tycoon 2FA phishing kit as Phaas attacks surge
Cybercriminals have increased phishing-as-a-service (Phaas) attempts in the first months of this year, making their attacks ...
Computing18h
‘Massive spike’ in phishing-as-a-service attacks in 2025, research
Phishing is by far the most common entry point for hackers, with 84% of businesses reporting having been targeted, according ...
Microsoft6d
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing ...
Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch
In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app ...
Watch out for this phishing scam impersonating Booking.com
If you work in hospitality and find an email in your inbox from Booking.com claiming to be an angry guest, then watch out — it may well be part of a phishing scam. Microsoft has warned that a phishing ...
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and ...
Tolling agencies responding to smishing scam warning of fake unpaid tolls
Tollway companies across the United States are raising awareness about the resurgence of a text message phishing scam ...
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Criminals are using stolen email addresses to distribute malicious OAuth Apps These apps steal sensitive data and redirect people to phishing pages The pages steal login credentials and deliver ...
Krebs on Security1mon
How Phished Data Turns into Apple & Google Wallets
According to Merrill, the phishing pages that spoof the USPS and various toll road operators are powered by several innovations designed to maximize the extraction of victim data. For example ...