A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential ...

A UC San Diego study found phishing training programs are basically useless, with employees just as likely to click scam emails whether or not they took training.

A new study reveals that success is measured in the single digits in the best-case scenario. Here's what companies should do instead.

SpyCloud’s latest research reveals a 10-point rise year-over-year in phishing-driven ransomware attacks, amid growing AI-powered cybercrime and widespread infostealer infectionsAUSTIN, Texas, Sept. 23 ...

SPRINGFIELD October is Cybersecurity Awareness Month, and Illinois Comptroller Susana A. Mendoza is reminding the public to be wary of potentially fraudulent ...

The phishing-as-a-service (PhaaS) offerings known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries.

Arranging phishing training for employees and ensuring engagement and participation is an HR responsibility that often gets ignored.

Amatera Stealer, once launched, gathers system information, collects files matching a predefined list of extensions, and harvests data from Chromium- and Gecko-based browsers, as well as applications ...

Phishing and vulnerability exploitation accounted for the vast majority of initial access in cyber-attacks against EU organizations over the past year, according to ENISA. The EU security agency ...

When speaking to and surveying end-users about security tools and policies, a few themes frequently arise. One of them is behavioral fatigue. Google Cloud found that 61% of admins reported being ...

Attackers are exploiting low-code AI platforms such as Vercel, Netlify, and Lovable to rapidly build phishing sites that look legitimate, trick users, and bypass automated security tools.