Phishing Blog- 2026 2025 2024 2023 2022 2021 2020 2019 2018
APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 25.4.26 | Phishing and MFA exploitation: Targeting the keys to the kingdom | In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof, in everyday business operations. | Phishing blog | CISCO TALOS |
| 18.4.26 | The n8n n8mare: How threat actors are misusing AI workflow automation | Cisco Talos research has uncovered agentic AI workflow automation platform abuse in emails. Recently, we identified an increase in the number of emails that abuse n8n, one of these platforms, from as early as October 2025 through March 2026. | Phishing blog | CISCO TALOS |
| 11.4.26 | The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines | Cisco Talos has recently observed an increase in activity that is leveraging notification pipelines in popular collaboration platforms to deliver spam and phishing emails. | Phishing blog | CISCO TALOS |
| 28.3.26 | When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures | During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including refund notices, payroll forms, filing reminders, and requests from tax professionals, to push malicious attachments, links, or QR codes. | Phishing blog | Microsoft blog |
| 7.3.26 | Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale | Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with Europol and industry partners to facilitate a disruption of Tycoon2FA’s infrastructure and operations. | Phishing blog | Microsoft blog |
| 7.3.26 | Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations | Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle (AitM) proxying. | Phishing blog | Trend Micro |
| 21.2.26 | Phishing on the Edge of the Web and Mobile Using QR Codes | This article explores the misuse of QR codes in today's threat landscape, covering three areas of concern: | Phishing blog | Palo Alto |
| 7.2.2026 | Why Smart People Fall For Phishing Attacks | The cybersecurity landscape of 2026 is stronger than ever with countless security resources and protective tools. Despite robust defenses at anyone’s fingertips, common phishing scams and spoofing attacks remain an ongoing issue. Unfortunately, the reality is that these attacks aren’t disappearing; they’re simply evolving. | Phishing blog | Palo Alto |
| 7.2.2026 | Cybereason TTP Briefing Q4 2025: Diverse Phishing Tactics and RATs on the Rise | Explore the most effective trends, techniques, and procedures used by threat actors in Q4 2025, with frontline threat intelligence from our incident response experts. | Phishing blog | Cybereason |
| 1.2.26 | Special Alert: SLSH Malicious "Supergroup" Targeting 100+ Organizations via Live Phishing Panels | A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. | Phishing blog | Silent Push |
| 24.1.26 | The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time | Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page. | Phishing blog | Palo Alto |
| 17.1.26 | In Q4 2025, Microsoft once again ranked as the most impersonated brand in phishing attacks, ... | Phishing blog | CHECKPOINT | |
| 17.1.26 | Ransomware and Supply Chain Attacks Soared in 2025 | The threat landscape shifted significantly in 2025. Here are the threats and trends to watch as we enter 2026. | Phishing blog | |
| 17.1.26 | Mamba Phishing-as-a-Service Kit: How Modern adversary-in-the-middle (AiTM) Attacks Operate | INTRODUCTION CYFIRMA assesses that Mamba 2FA is a representative of a broader class of adversary-in-the-middle phishing frameworks that have become increasingly prevalen | Phishing blog | |
| 17.1.26 | The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late | In the second half of 2025, Trellix observed a surge in credential-stealing Facebook phishing scams, particularly those using the sophisticated "Browser in the Browser" (BitB) technique to trick users with fake login pop-ups. | Phishing blog | Trelix |
| 10.1.26 | Beyond MFA: Identity Abuse Through Token Interception and Consent Manipulation | EXECUTIVE SUMMARY Multi-Factor Authentication (MFA) has long been positioned as a definitive control against credential-based attacks. However, recent phishing campaigns | Phishing blog | |
| 10.1.26 | Phishing actors exploit complex routing and misconfigurations to spoof domains | Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages. | Phishing blog | Microsoft blog |