Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

A Match Made in Heaven: How Valentine's Day Fuels Seasonal Phishing Attacks

Feb 12, 2026 By Emma Stevens In BitSight
Valentine’s Day runs on emotion. Surprise, urgency, curiosity, trust, love. For threat actors, that combination is hard to beat. Every year in mid-February, security teams see the same pattern. Phishing campaigns pick up. Brand impersonation increases. Fraud attempts follow close behind. It is not because attackers suddenly developed new techniques.
Read Post
knowbe4

Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

Feb 12, 2026 By KnowBe4 Threat Lab In KnowBe4
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals. This attack compromises Microsoft 365 accounts (Outlook, Teams, OneDrive) by abusing the OAuth 2.0 Device Authorization Grant flow, bypassing strong passwords and Multi-Factor Authentication (MFA).
Read Post
knowbe4

Voice Phishing Kits Give Threat Actors Real-Time Control Over Attacks

Feb 12, 2026 By KnowBe4 Team In KnowBe4
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication. “The most critical of these features are client-side scripts that allow threat actors to control the authentication flow in the browser of a targeted user in real-time while they deliver verbal instructions or respond to verbal feedback from the targeted user,” Okta says.
Read Post

The browser blind spot: Phishing evolution and shadow AI risk with Cody Pierce

Feb 10, 2026 By LimaCharlie In LimaCharlie
Join us for this week's Defender Fridays as we explore browser security, phishing evolution, and the risks of shadow AI with Cody Pierce, CEO at Neon Cyber. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video

What Is Phishing?

Feb 5, 2026 By Arctic Wolf Networks In Arctic Wolf
Phishing remains one of the most widespread and damaging cyber threats facing organizations today. Attackers craft deceptive messages designed to trick users into revealing credentials, financial information, or installing malware. To make matters worse, the tactics continue to evolve. Originating in the mid‑1990s, phishing has grown into a sophisticated weapon. Modern attackers now use AI, social media intelligence, and high‑quality impersonation techniques to create convincing campaigns that are harder than ever to detect.
View Video
knowbe4

Warning: A LinkedIn Phishing Campaign is Targeting Executives

Feb 3, 2026 By KnowBe4 Team In KnowBe4
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool. “A critical element of this attack was the use of a legitimate, open-source Python script designed for pen-testing,” ReliaQuest says.
Read Post
knowbe4

Warning: "Fancy" QR Codes Are Making Quishing More Dangerous

Jan 23, 2026 By KnowBe4 Team In KnowBe4
Scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports. QR code phishing (quishing) is already more difficult to detect, since these codes deliver links without a visible URL. Attackers are now using QR codes with colors, shapes, and logos woven into the code’s pattern. “Fancy QR codes further complicate detection,” Help Net Security says. “Their layouts no longer resemble the familiar black and white grid.
Read Post

1Password presents: Phishing prevention

Jan 22, 2026 By 1Password In 1Password
AI-powered scams are making phishing attacks harder to spot than ever. In this demo, see how 1Password’s phishing prevention feature helps stop users before they share credentials with fraudulent websites. When a site’s URL doesn’t match a saved login, 1Password won’t autofill. Now, when a user tries to paste their credentials anyway, a warning prompts them to pause and take a closer look. This added layer of protection acts as a second pair of eyes at the moment it matters most.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.