Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

“Super-app” WeChat offers a wealth of functionality—from instant messaging, text and voice messaging, and video calls to mobile payments, ride booking, ordering food deliveries, paying bills and even accessing government services. Provided by Chinese technology conglomerate Tencent, WeChat has become deeply integrated into daily life in China and usage has been spreading globally. The app now boasts over 1.4 billion active users (24.8% of total internet users).

Today, anyone can find a picture of absolutely anybody and it is also not difficult to find a sample of their voice. By combining these it is shockingly easy to create a realistic AI deepfake video of that person. The video may not be perfect, and an experienced AI deepfake enthusiast might be able to see signs of it not being real, but it will be good enough to fool 99% of people. Cybercriminals have been creating and using AI-enabled deepfake technologies since early 2024 to socially engineer people.

Mexico has taken a major step toward strengthening its digital defenses with the official unveiling of its first National Cybersecurity Plan, a landmark initiative that establishes the country’s first specialized policy framework for cybersecurity.

A phishing campaign is targeting executives with phony offers for awards, according to researchers at Trustwave SpiderLabs. The attackers first dupe the victims into handing over their credentials, then use the ClickFix social engineering technique to trick them into installing malware. “The campaign uses a high-value executive recognition lure, ‘Cartier Recognition Program,’ to target executives,” the researchers write.

Malwarebytes warns that threat actors are abusing the free Cloudflare Pages service to host phishing portals, helping the phishing sites avoid detection by security scanners. The attackers are building fake login pages impersonating banking, insurance, and healthcare entities. The pages are designed to harvest credentials as well as security questions and multifactor authentication codes.

Deepfake attacks have become more compelling and realistic than ever before. Attackers are impersonating trusted leaders with convincing videos and voice, making it harder for employees to know what is real. Traditional awareness training is a good start, but nothing replaces first-hand exposure to real and synthetic content when it comes to telling deepfake videos from authentic ones. That’s why today we’re introducing KnowBe4’s Deepfake Training Content.

Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts. “The company tracked a 400% year-over-year increase in successfully phished identities, with nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data,” the researchers write.

Researchers at CyberProof warn that threat actors are launching phishing attacks via Microsoft Teams' “Chat with Anyone” feature, which lets external users send direct messages via email addresses. “Microsoft Teams now allows users to send direct chat invitations to any email address, even if recipients aren’t part of a Teams tenant,” the researchers explain.

Threat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at least 18 universities and educational entities since April 2025, using phishing pages that spoofed student single sign-on (SSO) portals. “In the campaigns we analyzed, students were targeted via personalized emails that contained TinyURL links,” Infoblox says.

ReliaQuest warns that the cybercriminal collective “Scattered Lapsus$ Hunters” appears to be using social engineering attacks to target organizations’ Zendesk instances. This group was behind a widespread campaign earlier this year that used voice phishing attacks to compromise dozens of companies’ Salesforce portals.