Phishing Blog- 2026 2025 2024 2023 2022 2021 2020 2019 2018
APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 7.3.26 | Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale | Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with Europol and industry partners to facilitate a disruption of Tycoon2FA’s infrastructure and operations. | Phishing blog | Microsoft blog |
| 7.3.26 | Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations | Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle (AitM) proxying. | Phishing blog | Trend Micro |
| 21.2.26 | Phishing on the Edge of the Web and Mobile Using QR Codes | This article explores the misuse of QR codes in today's threat landscape, covering three areas of concern: | Phishing blog | Palo Alto |
| 7.2.2026 | Why Smart People Fall For Phishing Attacks | The cybersecurity landscape of 2026 is stronger than ever with countless security resources and protective tools. Despite robust defenses at anyone’s fingertips, common phishing scams and spoofing attacks remain an ongoing issue. Unfortunately, the reality is that these attacks aren’t disappearing; they’re simply evolving. | Phishing blog | Palo Alto |
| 7.2.2026 | Cybereason TTP Briefing Q4 2025: Diverse Phishing Tactics and RATs on the Rise | Explore the most effective trends, techniques, and procedures used by threat actors in Q4 2025, with frontline threat intelligence from our incident response experts. | Phishing blog | Cybereason |
| 1.2.26 | Special Alert: SLSH Malicious "Supergroup" Targeting 100+ Organizations via Live Phishing Panels | A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. | Phishing blog | Silent Push |
| 24.1.26 | The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time | Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page. | Phishing blog | Palo Alto |
| 17.1.26 | In Q4 2025, Microsoft once again ranked as the most impersonated brand in phishing attacks, ... | Phishing blog | CHECKPOINT | |
| 17.1.26 | Ransomware and Supply Chain Attacks Soared in 2025 | The threat landscape shifted significantly in 2025. Here are the threats and trends to watch as we enter 2026. | Phishing blog | |
| 17.1.26 | Mamba Phishing-as-a-Service Kit: How Modern adversary-in-the-middle (AiTM) Attacks Operate | INTRODUCTION CYFIRMA assesses that Mamba 2FA is a representative of a broader class of adversary-in-the-middle phishing frameworks that have become increasingly prevalen | Phishing blog | |
| 17.1.26 | The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late | In the second half of 2025, Trellix observed a surge in credential-stealing Facebook phishing scams, particularly those using the sophisticated "Browser in the Browser" (BitB) technique to trick users with fake login pop-ups. | Phishing blog | Trelix |
| 10.1.26 | Beyond MFA: Identity Abuse Through Token Interception and Consent Manipulation | EXECUTIVE SUMMARY Multi-Factor Authentication (MFA) has long been positioned as a definitive control against credential-based attacks. However, recent phishing campaigns | Phishing blog | |
| 10.1.26 | Phishing actors exploit complex routing and misconfigurations to spoof domains | Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages. | Phishing blog | Microsoft blog |