Advertisement
Enterprise Browser Security: Emerging Blind Spots & AI Web Tool Risks
Keep Aware's 2026 report reveals critical enterprise browser security gaps, citing AI web tool use, phishing, and extensions as major blind spots for defenders.
Phishing Campaign Leverages Fake Google PWA to Steal Credentials, MFA
A sophisticated phishing campaign uses a fake Google Security PWA to compromise accounts, steal MFA codes, and proxy traffic. Learn how to protect.
TOAD Emails: The 'Call This Number' Gateway Bypass Threat
Attackers use Telephone-Oriented Attack Delivery (TOAD) with 'call this number' emails to bypass gateways, relying on social engineering post-call.
Open Redirects: Overlooked Vulnerability Impact & Analysis
An analysis of open redirect vulnerabilities, their historical context in OWASP, common exploitation vectors like phishing, and essential mitigation strategies.
AI-Enabled Threats: Model Extraction, APT Phishing, & Malware Evolution
GTIG reports on Q4 2025 AI threats: rising model extraction, APTs using AI for reconnaissance and phishing, and new AI-integrated malware families like HONESTCUE and
Typosquatting: Deceptive Domains for Credential Theft & Malware
Analysis of typosquatting campaigns leveraging deceptive domain names for phishing, credential harvesting, and malware delivery, bypassing traditional detections.
UAC-0050 Targets European Financial Institutions with RMS Malware
Russia-aligned actor UAC-0050 expands operations beyond Ukraine, targeting European financial entities with spoofed domains and RMS malware for espionage.