Tag: email
-
LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations
Cambridge, MA, 5th May 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/luxsci-launches-enterprise-grade-hipaa-compliant-email-security-for-mid-sized-healthcare-organizations/
-
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
Venomous#Helper attackers impersonate the US Social Security Administration to deploy signed RMM software and maintain persistent access across US networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ssa-emails-venomous-helper-phishing/
-
Educational company Instructure reports cyber incident
By Saturday, Infrastructure’s chief information security officer Steve Proud confirmed that the hackers gained access to information about users at some educational institutions, including names, email addresses, student ID numbers and messages between users. First seen on therecord.media Jump to article: therecord.media/infrastructure-education-company-canvas-incident
-
ShinyHunters claims dump puts 119K Vimeo emails in the wild
Vimeo points finger at analytics supplier Anodot, says no logins or card data were touched First seen on theregister.com Jump to article: www.theregister.com/2026/05/05/shinyhunters_dump_puts_119k_vimeo/
-
Proton Mail rolls out post-quantum encryption for all users as industry braces for ‘harvest now, decrypt later’ threat
Proton Mail has today announced the rollout of post-quantum encryption (PQC) across its email platform, making quantum-resistant key generation available to all users, including those on free plans, in what the company describes as a proactive step ahead of the quantum computing era. The feature, which users can opt into via Proton Mail’s encryption key…
-
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft revealed a phishing campaign hitting 35,000 users in 26 countries, stealing login tokens via fake code-of-conduct emails and legit services. Microsoft disclosed a major phishing campaign that targeted over 35,000 users across 26 countries in mid-April 2026. Attackers used fake “code of conduct” emails sent through legitimate platforms to trick recipients into visiting bogus…
-
Attackers Exploit Amazon SES to Send Authenticated Phishing Emails
Attackers are increasingly abusing Amazon Simple Email Service (SES) to deliver highly convincing phishing emails that bypass traditional security controls, marking a growing trend in email-based threats. The primary goal of any phishing campaign is to evade detection while tricking victims into revealing sensitive data. To achieve this, threat actors continuously refine their techniques, using…
-
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens.The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26 countries,…
-
Amazon SES Phishing: Angriffe über geleakte AWS-Zugangsdaten
Cyberkriminelle setzen verstärkt auf legitime Cloud-Dienste, um täuschend echte Phishing-Angriffe durchzuführen. Besonders Amazon Simple Email Service gerät dabei ins Visier, da er eigentlich für vertrauenswürdige Unternehmens-Kommunikation genutzt wird. Sicherheits-Forscher sehen darin eine neue Eskalationsstufe. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/amazon-ses-phishing
-
Amazon SES increasingly abused in phishing to evade detection
The Amazon Simple Email Service (SES) is being increasingly abused to send convincing phishing emails that can bypass standard security filters and render reputation-based blocks ineffective. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amazon-ses-increasingly-abused-in-phishing-to-evade-detection/
-
Educational company Infrastructure reports cyber incident
By Saturday, Infrastructure’s chief information security officer Steve Proud confirmed that the hackers gained access to information about users at some educational institutions, including names, email addresses, student ID numbers and messages between users. First seen on therecord.media Jump to article: therecord.media/infrastructure-education-company-canvas-incident
-
ShinyHunters Claims Responsibility for Breach of EdTech Company Instructure
The prolific extortion group ShinyHunters claimed responsibility for the breach of Edtech vendor Instructure’s systems, stealing 3.65 TB of sensitive information, including names, email addresses, and messages of students, teachers, and others. ShinyHunters also reportedly behind an early attack of Instructure in September 2025. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/shinyhunters-claims-responsibility-for-breach-of-edtech-company-instructure/
-
EasyDMARC and KnowBe4 Partner to Advance Proactive Email Security as Phishing Fuels More Than One-Third of Cyberattacks
Originally published at EasyDMARC and KnowBe4 Partner to Advance Proactive Email Security as Phishing Fuels More Than One-Third of Cyberattacks by Anush Yolyan. Dover, Delaware and Tampa Bay, Florida – May … First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/easydmarc-and-knowbe4-partner-to-advance-proactive-email-security-as-phishing-fuels-more-than-one-third-of-cyberattacks/
-
Thousands of Facebook accounts stolen by phishing emails sent through Google
In an ongoing operation, hackers are hijacking Facebook accounts using Google AppSheet to send phishing emails that pass security checks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/thousands-of-facebook-accounts-stolen-by-phishing-emails-sent-through-google/
-
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor.The activity involved using phishing emails that mimic correspondence from the Income Tax Department of India in December 2025, followed by a similar campaign aimed at Russian entities.”Both waves…
-
Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge
Email bombing campaigns combined with fake IT support outreach are driving a surge in sophisticated Microsoft Teams phishing attacks. The attacks typically begin with email bombing, where victims are flooded with spam messages to create confusion and urgency. Shortly after, threat actors initiate contact via Microsoft Teams, impersonating internal IT support or helpdesk personnel. Posing…
-
Security Affairs newsletter Round 575 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling Trellix discloses the breach…
-
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a “phishing relay” to distribute phishing emails with an aim to compromise Facebook accounts.The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly 30,000…
-
Microsoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs Rise
Microsoft flagged 8.3 billion phishing emails as attackers turned to QR codes, fake CAPTCHAs, PhaaS kits, and file-based payloads. The post Microsoft Flagged 8.3B Phishing Emails in Q1 as QR Codes, CAPTCHAs Rise appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-phishing-emails-qr-codes-captcha-phaas/
-
As email phishing evolves, malicious attachments decline and QR codes surge
A new Microsoft report also describes the collapse of a once-dominant tool for generating phishing websites with fake CAPTCHAs. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/email-phishing-trends-microsoft-qr-codes/819077/
-
86% of Phishing Attacks are AI Driven, KnowBe4 Research Finds
KnowBe4, the digital workforce security provider, securing both AI agents and humans, has announced new research, Phishing Threat Trends Report Volume Seven. The report finds a seismic shift in the attack vectors utilized to conduct phishing attacks, including touchpoints outside of traditional email communication such as calendar invitations and messaging tools. “The inbox is no…
-
CAPTCHA and ClickFix Abuse Fuels Credential Theft Surge
Attackers are increasingly combining QR codes, fake CAPTCHA gates, and ClickFix-style tricks to steal credentials at scale, even as major phishing-as-a-service (PhaaS) platforms face disruption. These tactics shift risk from traditional malware attachments to highly convincing, hosted phishing flows that are harder for both users and email filters to spot. Across this volume, 78% of…
-
Open-source privacy proxy masks PII before prompts reach external AI services
Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/01/open-source-pii-privacy-proxy/
-
More PayPal emails hijacked to deliver tech support scams
We investigate how scammers are abusing PayPal’s systems to push victims into calling fake support numbers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/more-paypal-emails-hijacked-to-deliver-tech-support-scams/
-
Bot her emails: most modern phishing campaigns are AI-enabled
KnowBe4 says 86% of phishing it tracked used AI, and inboxes are only the start First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/modern_phishing_campaigns_ai/
-
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005
Turns out the real problem is not AI but staff still clicking on dodgy emails from ‘IT support’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/almost_half_of_uk_firms/
-
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005
Turns out the real problem is not AI but staff still clicking on dodgy emails from ‘IT support’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/almost_half_of_uk_firms/
-
Nearly half of UK businesses pwned last year as phishing keeps doing the job like it’s 2005
Turns out the real problem is not AI but staff still clicking on dodgy emails from ‘IT support’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/almost_half_of_uk_firms/
-
Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails
Robinhood fixed an account-creation flaw that hackers abused to send convincing phishing emails from its own system to some users over the weekend. The post Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-robinhood-phishing-emails-official-address/