Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In our previous post, The ABC’s of Ishing, we broke down the foundational tactics used by cybercriminals to deceive users and gain unauthorized access. This follow-up report expands on that foundation by exploring three evolving phishing threats that go beyond traditional email lures. Angler Phishing, Calendar Phishing, and Captcha Phishing each exploit trust in everyday digital tools—social media platforms, calendar invites, and CAPTCHA challenges.

With time, effort, and a blessing from the LinkedIn networking Gods, a high-level executive's identity can be transformative for a company. More than just a name and title, these executives become symbols of authority and trust, someone employees, customers, and partners instinctively follow. Personas like Elon Musk and Tim Cook instill confidence and belief in their employees and consumers by championing their products and their ethos.

In February 2024, a ransomware attack on a critical player in the US healthcare infrastructure sent shockwaves through the US and globally. Pharmacies were unable to process prescriptions using patients' insurance, leading to delays in medication dispensing and highlighting the fragility of the healthcare supply chain. Hospitals and medical offices faced severe operational disruptions, struggling to provide patient care, submit insurance claims, and receive payments.

As students return to classrooms, a different kind of "back-to-school" activity is ramping up: Hack-to-School. Cybercriminals and nation-state actors are intensifying their focus on educational institutions. According to Bitsight Threat Intelligence, the education sector is now the third-most targeted industry by cyber threat actors, facing a wide range of persistent and emerging risks.

Bitsight’s mission to keep evolving the capability of our data engine through AI enhancements hit a new milestone today. The latest addition is a new entity mapping capability added to Bitsight AI and the data engine, which uses GenAI agents to create more complete and consistent sets of identifiers for organizations scanned and added to Bitsight’s entity inventory.

In order to collect various security-related metrics, Bitsight scans the entire internet, collecting a unique set of data that enables us to carry out a variety of studies that would be extremely difficult for any other company to conduct. One of the metrics that we collect is related to the presence of certain vulnerabilities. For this, we need to take into consideration all possible mitigation strategies that are available and that allow us to reduce the risk.

This blog post may sound a bit personal. That’s because it is. It is also a long story, so you might want to grab yourself some coffee (or your favorite beverage).

In our 2025 State of the Underground report, we found that 384 unique varieties of malware were sold across the top three criminal forums in 2024, a 10% increase from 349 in 2023, signifying an expansion in the underground malware marketplace. These figures reflect malware explicitly offered for sale (not shared freely), and each distinct version or naming variation is counted independently.

It’s no secret that in cybersecurity, many attacks begin with some form of “‑ishing.” But what exactly are these tactics and who’s behind them? From classic phishing emails to more advanced impersonation schemes using AI and social platforms, attackers continue to evolve their methods to exploit human behavior. Understanding the full spectrum of “‑ishing” techniques is critical for organizations looking to protect their people, data, and reputation.

In its 2025 State of the Underground report, Bitsight TRACE identified the manufacturing sector as the most targeted industry for the third consecutive year, accounting for 22% of the 4,853 cyberattacks where sector attribution was possible. Manufacturing is the backbone of global supply chains, and when a cyberattack halts operations, even just briefly, the ripple effects can be enormous. Production delays, missed shipments, and service disruptions quickly cascade across industries.