Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Notorious Cybercrime Group is Now Targeting Zendesk Users

Dec 8, 2025 By KnowBe4 Team In KnowBe4
ReliaQuest warns that the cybercriminal collective “Scattered Lapsus$ Hunters” appears to be using social engineering attacks to target organizations’ Zendesk instances. This group was behind a widespread campaign earlier this year that used voice phishing attacks to compromise dozens of companies’ Salesforce portals.
Read Post
knowbe4

KnowBe4 Earns Multiple 2026 Buyer's Choice Awards from TrustRadius

Dec 5, 2025 By KnowBe4 Team In KnowBe4
KnowBe4 is proud to announce that three of its leading security products — Security Awareness Training, PhishER/PhishER Plus and Compliance Plus — have been recognized as 2026 Buyer's Choice award winners by TrustRadius, a HG Insights company and buyer intelligence platform for business technology.
Read Post
knowbe4

Malicious AI Tools Assist in Phishing and Ransomware Attacks

Dec 5, 2025 By KnowBe4 Team In KnowBe4
Researchers at Palo Alto Networks’ Unit 42 are tracking two new malicious AI tools, WormGPT 4 and KawaiiGPT, that allow threat actors to craft phishing lures and generate ransomware code. These tools are criminal alternatives to mainstream AI tools like ChatGPT, with no safety guardrails to prevent users from using them for malicious activities. The latest version of WormGPT offers lifetime access for $220, or a monthly fee of $50.
Read Post
knowbe4

Report: Sophisticated Fraud Attacks Are on the Rise

Dec 4, 2025 By KnowBe4 Team In KnowBe4
Sophisticated online fraud techniques are growing more accessible to unskilled attackers, driven by AI tools and fraud-as-a-service platforms, according to Sumsub’s latest Identity Fraud Report. “hile the volume of attacks remains staggering, the nature of fraud is shifting,” the researchers write.
Read Post
knowbe4

The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials

Dec 4, 2025 By KnowBe4 Threat Lab In KnowBe4
Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs), and multi-factor authentication (MFA) tools.
Read Post

2026 Phishing Threat Trends Report Preview

Dec 3, 2025 By KnowBe4 | Human Risk Management In KnowBe4
Ever wondered who answers when you call a cybercriminal? What happens in the aftermath of a Scattered Spider breach? Or why cybercriminals use legitimate platforms to send phishing emails? If so, this is the session for you. Join Jack Chapman, KnowBe4’s SVP of Threat Intelligence, as he pulls back the curtain on these topics. Jack will give you a first look at our latest Phishing Threat Trends Report, walking through attack scenarios and sharing the trends that are shaping the threat landscape.
View Video
knowbe4

KnowBe4 Is a Leader In the Gartner Magic Quadrant for Email Security For the Second Consecutive Year

Dec 3, 2025 By Bex Bailey In KnowBe4
Following its launch in 2024, Gartner has now published the second Magic Quadrant for Email Security —and KnowBe4 is delighted to once again be named a Leader! Email security is critical for all organizations globally. Fueled by factors such as GenAI and crime-as-a-service toolkits, the phishing threat landscape continues to become more sophisticated at an alarming pace.
Read Post
knowbe4

New Criminal Toolkit Abuses Browser Push Notifications

Dec 3, 2025 By KnowBe4 Team In KnowBe4
A new criminal platform called “Matrix Push C2” is using browser notifications to launch social engineering attacks, according to researchers at BlackFog. “This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” the researchers write.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.