Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Stripe warn of a wave of spear phishing attacks targeting C-suite employees and senior leadership across a wide range of industries. The emails pose as OneDrive document-sharing notifications with subject lines like “Salary amendment” or “FIN_SALARY.” If a user clicks the link, they’ll be taken to a spoofed Microsoft Office/OneDrive login page designed to steal their credentials.

Healthcare organizations need to be prepared for an increase in AI-assisted phishing attacks, according to Zack Martin, Senior Policy Advisor at Venable. In an article for HIT Consultant, Martin explained that AI has made phishing attacks more convincing and easier to launch, posing a heightened risk to healthcare organizations.

Threat actors can now use AI tools to automate entire attack operations, according to a new report from Anthropic. The company says an attacker abused its Claude AI tool to create a hacking and extortion campaign that compromised at least seventeen organizations. The attacker used Claude to conduct reconnaissance, initial access, malware development, data exfiltration, and extortion analysis.

Many years ago, a friend of mine worked as a security director at a firm and had what they called an “audit box.” It was a pre-prepared box filled with policies, network diagrams, security controls and checkboxes. Basically, all the things an auditor would want to see during a visit. Except they weren’t always a true reflection of reality. That's a tidy version of cybersecurity. You purchase a tool, deploy it, tick the box and the problem goes away.

“The problem is much, much worse than most people acknowledge.” One of the biggest enduring mysteries for me in cybersecurity is why most cybersecurity curricula don’t teach secure coding to programmers. I have no real answers, only speculation.

ReliaQuest has published a report on the cybercriminal recruitment ecosystem, finding that fluent English speakers with social engineering skills are highly sought-after. “Among the most in-demand skills is English-speaking social engineering, with job posts more than doubling from 2024 to 2025,” the researchers write.

Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to researchers at ANYRUN. The phishing attacks are delivered via email and primarily attempt to steal Microsoft 365 credentials. Like many popular commodity phishing kits, Salty 2FA is designed to bypass a variety of multifactor authentication measures.

You've probably seen them: enticing online offers for free products from brands you trust, like a Yeti beach chair from Costco or an emergency car kit from AAA. All you have to do is fill out a quick survey and pay a small "shipping fee" of a couple of dollars. But what seems like a harmless transaction is actually a sophisticated scam with a high price tag. The KnowBe4 Threat Lab team has been tracking a phishing campaign where scammers use these fake surveys to steal financial data.

Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are Evolving to Steal Financial Data”. As discussed in our previous blog, the human element is a critical part of the fake survey scam. However, the campaign's success is largely due to its advanced technical infrastructure.

Cybercriminals are increasingly abusing AI-assisted website generators to quickly craft convincing phishing sites, according to researchers at Palo Alto Networks’ Unit 42. In many cases, even when these services have safeguards in place to prevent abuse, criminals are able to bypass these measures in order to create phishing pages. Unit 42 tested a popular website generator to see how easy it was to spin up a spoofed website.