Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A KnowBe4 Threat Lab Publication Authors: Martin Kraemer, James Dyer, and Lucy Gee Much like sending a phishing email from a compromised account, cybercriminals can boost the deliverability and credibility of their attacks by leveraging legitimate platforms. Notably, there has been a growing proportion sent using the popular accounting software Intuit QuickBooks. Our Threat Research team has observed a 36.5% increase in the use of this platform since January 1, 2025.

Ever since OpenAI publicly released ChatGPT in late 2022, people have been predicting the end of programmers. Supposedly, AI can do anything programmers can do. While I’m not convinced all programmers are going away, I wouldn’t want to be a brand new programmer, and I do think the field is definitely going to change, if not significantly shrink over time. I’m not going out on much of a limb in saying this as almost everyone thinks this. Microsoft CEO Satya Nadella thinks this.

Researchers at Barracuda observed a fourfold increase in ransomware threats last year, driven by increasingly sophisticated ransomware-as-a-service (RaaS) operations. “The developers behind RaaS platforms often have the time, resources, and skills to invest heavily in advanced and evasive toolsets and templates,” Barracuda explains.

A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up. “As potential victims implemented more reliable backup and restoration processes, ransomware operators introduced data exfiltration as a means to apply additional pressure and protect their revenue streams,” Arctic Wolf says.

The European Union's AI Act is ushering in a new era of workplace requirements, with AI literacy taking center stage. Under Article 4, organizations must now ensure their workforce is sufficiently AI-literate - but what does this really mean for your organization? The AI Act requires organizations to provide adequate AI training to staff and operators. This training must account for technical knowledge, experience, educational background, and the context in which AI systems are used.

Recently, Dr. Martin J. Kraemer, Security Awareness Advocate at KnowBe4, and Dr. William Seymour, Lecturer in Cybersecurity at King’s College London released a Whitepaper called: “Cybersecurity Information Sharing as an Element of Sustainable Security Culture,” which examines how people consume and share cybersecurity information, revealing the role that workplace training plays in fostering information sharing among colleagues.

Researchers at Juniper Threat Labs warn that phishing attacks are utilizing a new obfuscation technique to hide malicious JavaScript. “While investigating a sophisticated phishing attack targeting affiliates of a major American political action committee (PAC) in early January 2025, Juniper Threat Labs observed a new JavaScript obfuscation technique,” the researchers write.

KnowBe4’s Threat Lab recently observed a phishing campaign targeting educational institutions. Over a 30 day period, 4,361 threats were reported, originating from 40 unique sender domains. 65% of these domains were compromised educational institution IDs. The ultimate aim of these attacks was to harvest credentials resulting in the potential data loss, compromise and further phishing emails.

Zimperium warns of a surge in phishing attacks specifically tailored for mobile devices. These attacks are designed to evade desktop security measures in order to breach organizations through employees’ smartphones. Mobile phishing includes SMS phishing (smishing), QR code phishing (quishing), voice phishing (vishing), and mobile-targeted email phishing.