phishing

Threat actors impersonate CERT-UA, distribute AGEWHEEZE malware

• malware
• phishing

Threat actors impersonate CERT-UA, distribute AGEWHEEZE malware

SC Staff April 3, 2026

The campaign targeted approximately 1 million users across various sectors, including government, healthcare, education, and finance.

Read More Read more about Threat actors impersonate CERT-UA, distribute AGEWHEEZE malware

Highly evasive spear-phishing campaign targeting senior execs ‘neutralizes’ MFA

• identity
• phishing
• ransomware

Highly evasive spear-phishing campaign targeting senior execs ‘neutralizes’ MFA

Laura French April 3, 2026

The campaign leverages a newly-discovered phishing kit called VENOM.

Read More Read more about Highly evasive spear-phishing campaign targeting senior execs ‘neutralizes’ MFA

Global Microsoft device code phishing facilitated by novel EvilTokens kit

• identity
• phishing
• threat-intelligence

Global Microsoft device code phishing facilitated by novel EvilTokens kit

SC Staff April 2, 2026

BleepingComputer reports that organizations around the world, particularly in the U.S., Canada, France, Australia, India, Switzerland, and...

Read More Read more about Global Microsoft device code phishing facilitated by novel EvilTokens kit

Phishing campaign delivers Casbaneiro and Horabot banking trojans

• malware
• phishing

Phishing campaign delivers Casbaneiro and Horabot banking trojans

SC Staff April 2, 2026

The threat actor, identified as Brazilian cybercrime group Augmented Marauder and Water Saci, employs a unique delivery...

Read More Read more about Phishing campaign delivers Casbaneiro and Horabot banking trojans

Bogus LinkedIn message alerts enable credential siphoning

• identity
• phishing

Bogus LinkedIn message alerts enable credential siphoning

SC Staff April 1, 2026

Malicious actors have been distributing fraudulent LinkedIn alert messages for potential job opportunities to facilitate credential exfiltration...

Read More Read more about Bogus LinkedIn message alerts enable credential siphoning

New macOS feature seeks to avert ClickFix compromise

• phishing

New macOS feature seeks to avert ClickFix compromise

SC Staff March 31, 2026

Apple has released a new mechanism for macOS Tahoe 26.4 that stops the execution of potentially harmful...

Read More Read more about New macOS feature seeks to avert ClickFix compromise

New Ukrainian CERT-spoofing phishing campaign delivers RAT

• phishing

New Ukrainian CERT-spoofing phishing campaign delivers RAT

SC Staff March 31, 2026

Ukrainian government entities, healthcare providers, financial providers, security firms, educational institutions, and software development companies have been...

Read More Read more about New Ukrainian CERT-spoofing phishing campaign delivers RAT

Doppel’s Bobby Ford on why legacy controls are failing

• aiml
• generative-ai
• phishing
• ransomware
• rsac

Doppel’s Bobby Ford on why legacy controls are failing

SC Staff March 27, 2026

Doppel's Bobby Ford explains how AI-powered impersonation and deepfake-enabled campaigns are exposing critical gaps in legacy defenses....

Read More Read more about Doppel’s Bobby Ford on why legacy controls are failing

IRONSCALES’ Eyal Benishti on why AI made ‘solved’ attacks dangerous again

• phishing
• rsac

IRONSCALES’ Eyal Benishti on why AI made ‘solved’ attacks dangerous again

SC Staff March 25, 2026

Eyal Benishti explores what Phishing 3.0 really means for security leaders.

Read More Read more about IRONSCALES’ Eyal Benishti on why AI made ‘solved’ attacks dangerous again

Multi-Channel Impersonation: Why Legacy Controls Are Failing – Bobby Ford – RSAC26 #3

• phishing

Multi-Channel Impersonation: Why Legacy Controls Are Failing – Bobby Ford – RSAC26 #3

Joshua Marpet March 25, 2026

Read More Read more about Multi-Channel Impersonation: Why Legacy Controls Are Failing – Bobby Ford – RSAC26 #3