Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

1Password presents: Phishing prevention

Jan 22, 2026 By 1Password In 1Password
AI-powered scams are making phishing attacks harder to spot than ever. In this demo, see how 1Password’s phishing prevention feature helps stop users before they share credentials with fraudulent websites. When a site’s URL doesn’t match a saved login, 1Password won’t autofill. Now, when a user tries to paste their credentials anyway, a warning prompts them to pause and take a closer look. This added layer of protection acts as a second pair of eyes at the moment it matters most.
View Video

Uncovering A Mass VPN Phishing Campaign - The 443 Podcast - Episode 355

Jan 20, 2026 By WatchGuard Technologies In WatchGuard
This week on the podcast, we cover some first-hand research from the WatchGuard Threat Lab on a phishing campaign targeting users of nearly every major VPN vendor. After that, we discuss two recently resolved vulnerabilities in the Fortinet FortiSIEM application, then end with research from Varonis on a new attack flow against Copilot called RePrompt.
View Video
knowbe4

Threat Actors Exploit Misconfigurations to Spoof Internal Emails

Jan 15, 2026 By KnowBe4 Team In KnowBe4
Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a surge in these attacks since May 2025. “Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains and deliver phishing emails that appear, superficially, to have been sent internally,” the researchers write.
Read Post
knowbe4

Phishing Campaign Abuses Google's Infrastructure to Bypass Defenses

Jan 14, 2026 By KnowBe4 Team In KnowBe4
Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry. The phishing messages posed as legitimate business notifications, such as file access requests or voicemail alerts, and were designed to send users to credential-harvesting login pages. Notably, the campaign abused legitimate Google infrastructure and links to avoid being flagged by security tools.
Read Post
strongestlayer

StrongestLayer Research Finds Trusted Platforms Like DocuSign and Google Calendar Are Now the Primary Email Attack Surface

Jan 12, 2026 By StrongestLayer
77% of attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google-platforms most organizations cannot afford to block.
Read Post
knowbe4

Defending Against Modern Email Threats With Layered, AI-Driven Security

Jan 8, 2026 By KnowBe4 Team In KnowBe4
Email has been the backbone of business communication for decades and as such, it remains the attacker’s favorite doorway into an organization. Phishing, Business Email Compromise (BEC) and supply-chain attacks continue to rise, with adversaries leveraging AI and compromised accounts to bypass legacy defenses. This presents many challenges for CISOs, IT Directors and SOC teams alike: it seems pretty clear that threats are evolving faster than traditional email security can keep up.
Read Post
knowbe4

Phishing Campaign Targets WhatsApp Accounts

Jan 8, 2026 By KnowBe4 Team In KnowBe4
Researchers at Gen warn that a phishing campaign is attempting to trick users into linking malicious devices to their WhatsApp accounts. The attack begins with an unsolicited message stating, “Hey, I just found your photo!” along with a link to a spoofed Facebook login page. Instead of trying to steal users’ Facebook credentials, however, the attackers are attempting to gain access to victims’ WhatsApp accounts.
Read Post
knowbe4

New BlackForce Phishing Kit Bypasses Multifactor Authentication

Dec 22, 2025 By KnowBe4 Team In KnowBe4
Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, the kit “features a vetting system to qualify targets, after which a live operator takes over to orchestrate a guided compromise.” Additionally, the phishing kit uses mostly legitimate code in order to avoid detection by security scanners.
Read Post
Arctic Wolf

CVE-2025-20393: Threat Campaign Targeting Cisco Secure Email Gateway, Cisco Secure Email and Web Manager

Dec 19, 2025 By Julian Tuin In Arctic Wolf
On December 17, 2025, Cisco published an advisory detailing a new threat campaign identified on December 10, affecting the Cisco AsyncOS software used on Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The campaign is exploiting an unpatched zero-day vulnerability, which only affects deployments with the Spam Quarantine feature enabled. It allows threat actors to execute arbitrary commands with root privileges on affected devices. This feature is not enabled by default.
Read Post

ICS phishing with Jon Gaulding

Dec 19, 2025 By LimaCharlie In LimaCharlie
Join us for this week's Defender Fridays as we explore ICS phishing and calendar invite abuse with John Gaulding, Full Stack Engineer at Sublime Security. John examines how attackers are weaponizing calendar invites to bypass email security defenses and create persistent attack vectors. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.