Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Organizations have traditionally treated phishing emails as a technology problem to be solved with spam filters and secure email gateways. But with phishing attacks on the rise, these tactics are no longer enough. KnowBe4’s 2025 Phishing By Industry Benchmarking Report found a 47% increase in phishing attacks that bypass Microsoft’s native defenses and secure email gateways. Why do they succeed? Because they exploit reliable human behavior.

Public sector organizations are operating in a threat environment that is both relentless and increasingly personal. Federal agencies, state and local governments and educational institutions are prime targets for ransomware, phishing, business email compromise (BEC) and credential theft. Local governments alone account for an estimated 43% of ransomware victims in 2025. But the real shift isn’t just in volume. It’s in tactics. Attackers have stopped trying to break in.

If the public sector had unlimited cybersecurity budgets and fully staffed SOCs, today’s threat landscape would look very different. But that’s not reality. Public sector organizations face chronic staffing shortages, constrained budgets and compensation structures that make it difficult to recruit and retain cybersecurity talent. Meanwhile, adversaries are accelerating their attacks. The result? Small teams carrying massive responsibility.

With 320 million daily users on Microsoft Teams, the ability to connect with colleagues across the organization has never been more seamless… or more targeted. The shift isn’t just about where we talk; it's about how we are being attacked. Threat actors moving beyond phishing emails and are infiltrating into the trusted spaces where your employees feel safest.

Every year on March 31st, World Backup Day rolls around with a simple but important message: Backup your data. It sounds almost too basic, right? I mean we all know in our minds that we should be doing that, and in a world of AI, zero-day exploits and nation-state threats, backing up data can feel like a cybersecurity 101 task.

Researchers at Malwarebytes warn that cybercriminals are peddling stolen tax documents for as low as $4 per identity, with freshly stolen forms selling for $20 each. These documents allow threat actors to conduct refund fraud, using stolen personal information to claim victims’ tax refunds.

Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year. “Phishing, malware, third-party breaches, and combo lists feed vast volumes of identity data into the industrialized criminal ecosystem,” the researchers write. “The risk extends beyond compromise – it fuels costly attacks at scale.

Although artificial intelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since. The mass appeal of AI took off in late 2022 when OpenAI publicly released ChatGPTicial iintelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since.

A finance employee receives an email that appears to come from the CFO requesting urgent payment approval. The message references a current project, uses the correct tone, and arrives at a plausible time. However, the email wasn’t written by a colleague — it was generated by AI. And it contains a malicious link. These attacks are becoming more common as threat actors use AI to produce convincing phishing emails, automate impersonation attempts, and launch social engineering campaigns at scale.

Researchers at LayerX warn that custom fonts can fool AI web assistants into thinking phishing pages are benign, while the human user sees something completely different. “There is a structural disconnect between what an AI assistant analyzes in a page’s HTML and what a user sees rendered by the browser,” the researchers explain.