Phishing

2 minute read

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account

FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.

byDeeba Ahmed

May 22, 2026

5 minute read

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

byOwais Sultan

May 20, 2026

2 minute read

Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign

Government Backed Hackers abused Cloudflare storage services in a Malaysian espionage campaign involving hidden C2 systems and data exfiltration.

byWaqas

May 18, 2026

2 minute read

Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.

byWaqas

May 17, 2026

2 minute read

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.

byDeeba Ahmed

May 15, 2026

2 minute read

Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites

Hackers are abusing Vercel GenAI to create convincing phishing sites that mimic major brands, including Microsoft, Adidas, and Nike, making scams harder to detect.

byDeeba Ahmed

May 11, 2026

3 minute read

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes.

byDeeba Ahmed

May 7, 2026

2 minute read

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally.

byDeeba Ahmed

May 2, 2026

New Bluekit Phishing Kit Targets Major Platforms with MFA B

2 minute read

New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.

byDeeba Ahmed

April 29, 2026

2 minute read

New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords

Forcepoint’s X-Labs reports an 11-step DHL phishing scam that uses fake OTP codes and EmailJS to harvest user credentials and device telemetry.

byDeeba Ahmed

April 28, 2026

The Latest

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions

Halo Security Honored with 2026 MSP Today Product of the Year Award

Phishing

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign

Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Google AppSheet Exploited in 30,000-User Facebook Phishing Operation

New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks

New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords

Halo Security Honored with 2026 MSP Today Product of the Year Award

RaccoonLine Publishes 2026 dVPN Buyer’s Guide for Privacy-Focused Users

The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026

Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon

Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM