CTI roundup: Hybrid 2FA phishing, RomCom, MuddyWater
Hybrid 2FA phishing threatens enterprises, RomCom uses SocGholish to deploy Mythic Agent malware, and MuddyWater targets critical infrastructure with evolving tactics.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Warning: Phishing Campaign Leveraging Evilginx Targets U.S. Universities
Threat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at least 18 universities and educational entities since April 2025, using phishing pages that spoofed student single sign-on (SSO) portals. “In the campaigns we analyzed, students were targeted via personalized emails that contained TinyURL links,” Infoblox says.
SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware
Phishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures.
The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials
Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs), and multi-factor authentication (MFA) tools.
Phishing Campaign Uses Fake Party Invites to Deliver Remote Access Tools
A large phishing campaign is using phony seasonal party invites to trick users into installing remote management and monitoring (RMM) tools, according to researchers at Symantec. “A highly active threat actor that specializes in using the ScreenConnect remote management and monitoring (RMM) software in its attacks has changed tactics and is now infecting its victims with multiple RMM tools, including LogMeIn Resolve and Naverisk,” Symantec says.
Fortifying Your Inbox: Advanced Email Security with Check Point & LevelBlue
As email-based cyberattacks surge, security teams are struggling to stay ahead of increasingly sophisticated phishing, Business Email Compromise (BEC), and AI-driven social engineering. With attackers exploiting platforms like Microsoft 365, Google Workspace, OneDrive, and SharePoint, organizations face growing pressure to strengthen protection, visibility, and compliance.
How Can AI Be Used in Phishing Attacks?
Phishing is the most common type of cyberattack, occurring when an attacker impersonates a trustworthy entity with the intention of carrying out fraudulent activity. Phishing is done with the motive of stealing sensitive information such as passwords, credit card numbers, and other personal data. Phishing was already quite threatening, but with the inception of Artificial Intelligence (AI), it became even more dangerous.
What Happens When Cybercriminals Compromise a Sportswear Giant?
Between 1:48pm ET on October 29 and 6:53pm ET on October 30, 2025, KnowBe4 threat analysts observed a high volume of phishing emails detected by KnowBe4 Defend that were sent from the legitimate domain of one of the world’s largest sportswear brands.
Safe Online Practices: Avoiding Scams and Cyber Threats
The Internet is an indispensable tool for education, communication, commerce, and research. However, with its vast opportunities come sophisticated scams and persistent cyber threats. Maintaining safe online practices is no longer optional; it's a critical skill for navigating modern life securely. Understanding the common dangers and adopting proactive security measures is the foundation of digital safety.
Featured Post
My Black Friday Cybersecurity Wishlist
Black Friday and Cyber Monday always bring bargain buys as consumers hunt for deals to make the upcoming festive season special, but they are also a bonanza for cybercriminals. Attacks spike during the holiday season as cybercriminals take advantage of workers being out of their usual routine and less vigilant than normal. This makes for far from happy holidays for the businesses affected. However, what many organizations don't realize is that often they already have the tools to protect themselves in their security armory; they just haven't activated them.