Phishing Scam

2 minute read

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account

FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.

byDeeba Ahmed

May 22, 2026

5 minute read

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

byOwais Sultan

May 20, 2026

2 minute read

Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.

byWaqas

May 17, 2026

2 minute read

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.

byDeeba Ahmed

May 15, 2026

2 minute read

Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites

Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect.

byDeeba Ahmed

May 11, 2026

3 minute read

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes.

byDeeba Ahmed

May 7, 2026

2 minute read

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally.

byDeeba Ahmed

May 2, 2026

New Bluekit Phishing Kit Targets Major Platforms with MFA B

2 minute read

New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.

byDeeba Ahmed

April 29, 2026

2 minute read

New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords

Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry.

byDeeba Ahmed

April 28, 2026

2 minute read

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures

OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

byDeeba Ahmed

April 13, 2026

The Latest

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users

The Deliverability Problem: How New Platforms Are Solving Inbox Placement

The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures

The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026

Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon

Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM

Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program