Social Engineering stories

Barracuda links surge in device code phishing attacks to EvilTokens kit as criminals exploit Microsoft 365 logins and bypass multifactor checks.

VIPRE says cyber criminals are increasingly abusing trusted services like Cloudflare, Microsoft and TestFlight to dodge email security filters.

Everywhen warns businesses and consumers to check web addresses, padlocks and browser alerts as fake sites fuel rising cyber fraud risk.

Universities face a more varied cyber onslaught, with data breaches, hacktivism and ransomware surging as researchers draw nation-state attention.

Proofpoint warns that 36% of FIFA World Cup 2026 commercial partners still lack the strongest DMARC settings, leaving fans exposed to spoofed emails.

KnowBe4 and Synthesia launch AI avatar videos for security training, letting firms create, revise and localise content faster across 130 languages.

Securin says healthcare faces ransomware attacks about every 10 hours, with hospitals repeatedly hit via known flaws, stolen credentials and remote access.

Anthropic is to give UK banks controlled access to its Mythos AI model, as financial firms brace for a new era of autonomous cyber threats.

ESET survey finds North American SMBs increasingly buying cyber cover, with insurers shaping controls and managed detection services after repeated breaches.

Appdome unveils mobile API defence that checks app, device and session identity before granting access, targeting bot abuse and takeover attacks.

Ecommpay urges eCommerce overhaul as fraud report says current controls miss social engineering, distort competition and leave merchants exposed.

Rue Gilt Groupe brings Riskified identity scoring into Zendesk as retailers race to stop refund abuse without slowing customer service.

ReliaQuest says suspected former Black Basta operators are bombarding staff with emails and posing as IT support in Microsoft Teams to reach senior executives.

Trustifi rolls out AI-powered training videos for managed service providers, turning real phishing emails into branded simulations inside one dashboard.

VIPRE expands into student cyber safety with age-based lessons on phishing, AI impersonation and online abuse for schools and partners.

KnowBe4 unveils Agent Risk Manager to monitor autonomous AI agents in real time, flag prompt injections and curb rogue data access.

Enterprises urged to overhaul cyber defences as Anthropic's upcoming Mythos model raises fears of faster phishing, deepfakes and automated attacks.

Booking.com tells some customers to watch for phishing after suspicious activity exposed reservation details, contact data and messages linked to bookings.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Researchers link Android banking trojan to Cambodia scam compound, exposing a malware-for-hire network impersonating banks and agencies across 21 countries.