Phishing 2025

Phishing 2025 2026() 2025() 2024() 2023() 2022()

13.12.25	BlackForce	Technical Analysis of the BlackForce Phishing Kit	PHISHING	KIT
13.12.25	Spiderman	Spiderman Phishing Kit Mimics Top European Banks With A Few Clicks	PHISHING	KIT
13.12.25	GhostFrame	Threat Spotlight: Introducing GhostFrame, a new super stealthy phishing kit	PHISHING	KIT
23.11.25	Sneaky2FA Browser-in-the-Browser phishing page	We recently came across an interesting phishing example indicating that the authors of the Sneaky2FA criminal Phishing-as-a-Service (PhaaS) kit have added Browser-in-the-Browser (BITB) functionality to their repertoire. Here’s what we found.	PHISHING	Platform
22.11.25	Matrix Push C2	New Matrix Push C2 Abuses Push Notifications to Deliver Malware	PHISHING	Platform
10.10.25	Next-Gen ClickFix Phishing Attacks	Malvertising Campaign Hides in Plain Sight on WordPress Websites	PHISHING	PHISHING
21.9.25	Uncloaking VoidProxy	Uncloaking VoidProxy: a Novel and Evasive Phishing-as-a-Service Framework	PHISHING	PHAAS
20.9.25	Lucid Phishing-as-a-Service	Inside the Lighthouse and Lucid PhaaS Campaigns Targeting 316 Global Brands	PHISHING	PHAAS
4.9.25	Iran-Nexus Spear phishing Campaign	Iran-Nexus Spear phishing Campaign Masquerades as Omani MFA to Target Global Governments.	PHISHING	PHISHING
5.6.25	Vishing Threats	Hello, Operator? A Technical Analysis of Vishing Threats	PHISHING	Vishing
24.4.25	Darcula phishing-as-a-service	AI-Enabled Darcula-Suite Makes Phishing Kits More Accessible, Easier to Deploy	PHISHING	PHaaS
23.4.25	Phishing for Codes	Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows	PHISHING	PHISHING
15.4.25	Precision-Validated Phishing	The Rise of Precision-Validated Credential Theft: A New Challenge for Defenders	PHISHING	PHISHING
13.4.25	Tycoon2FA	Tycoon2FA New Evasion Technique for 2025	PHISHING	Kit
9.4.25	VibeScamming	VibeScamming — From Prompt to Phish: Benchmarking Popular AI Agents’ Resistance to the Dark Side	PHISHING	AI
2.4.25	Lucid Phishing-as-a-Service	Lucid is a sophisticated Phishing-as-a-Service (PhAAS) platform operated by Chinese-speaking threat actors, targeting 169 entities across 88 countries globally. With 129 active instances and 1000+ registered domains, Lucid ranks among prominent PhAAS platforms, alongside Darcula and Lighthouse	PHISHING	Platform
28.3.25	Morphing Meerkat	A Phishing Tale of DoH and DNS MX Abuse	PHISHING	PHaaS
22.2.25	Darcula phishing-as-a-service	The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand	PHISHING	PAAS
18.1.25	Sneaky 2FA	Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service	PHISHING	PHISHING
18.1.25	Star Blizzard	New Star Blizzard spear-phishing campaign targets WhatsApp accounts	PHISHING	PHISHING