A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...

Cybersecurity firm Kaspersky has uncovered a new phishing tactic that exploits the no-code development platform Bubble.

Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack Microsoft 365 accounts belonging to a wide range of targets, researchers ...

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including ...

SAN FRANCISCO, Feb. 11, 2026 /PRNewswire/ -- StrongestLayer today released a new threat intelligence report, From Nation-States to Amateur Hackers: Why QR Code Phishing Evades Email Security, ...

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...

A credential phishing campaign that likely relied on AI-generated code to evade detection has been stopped by Microsoft Threat Intelligence. The attack, which targeted organizations in the US, ...

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...

Quick response (QR) codes, initially designed to track car parts in the early 90s and popularized during the COVID-19 pandemic when many restaurants turned to electronic menus, have unfortunately ...