Advertisement
Bypassing Identity Verification: Mitigating Phishing & MFA Fatigue
Attackers exploit weak identity verification through phishing, MFA fatigue, and social engineering. Learn best practices to secure access.
MSI-Branded Image Steganography: Analysis of WeTransfer Phishing
Analysis of a recurring phishing campaign using steganography in MSI-branded images to deliver malicious payloads via WeTransfer links and bypass security.

TA4922 Expands Global Cybercrime: Analysis of Diverse TTPs
Runtime Rebel analyzes TA4922's expanding global cybercrime operations, detailing diverse TTPs and providing actionable mitigation strategies for security professionals.
VS Code Zero-Day Exploit: Stealing GitHub Tokens via URI Handlers
Security researcher mthcht reveals a VS Code zero-day vulnerability allowing GitHub token theft via URI handlers. Learn how to defend against this exploit.
New Phishing Campaign Exploits SVG Attachments to Evade Filters
Security researchers report a wave of phishing emails using malicious SVG attachments to deliver scripts and bypass email security gateways. Learn how to defend.
Quishing Evasion: Malicious QR Codes Bypassing Security Filters
A technical analysis of how malicious QR codes (quishing) bypass email security filters and actionable mitigation steps for security operations centers.
ChatGPT Share Link Abuse: Fake Outages Deliver Malware
Threat actors leverage ChatGPT share links to host deceptive outage pages, prompting users to download malware disguised as an official desktop app.
Trump Mobile Data Breach and 2026 FIFA World Cup Phishing Risks
Analysis of the Trump Mobile data breach, upcoming 2026 FIFA World Cup phishing campaigns, and CISA's strategic response to recent supply chain attacks.
BTMOB Android Malware: Analyzing Phishing-Driven Full Device Takeover
BTMOB malware targets Android users via phishing, utilizing VNC and accessibility services to facilitate financial theft and total remote device control.
Ocean Launches Agentic AI Email Security Platform with $28M Funding
Ocean emerges from stealth with $28M to deploy specialized AI agents that simulate human reasoning to detect sophisticated phishing and BEC threats.
Abuse of MSHTA in Stealthy Malware Delivery Chains
Attackers are abusing the legacy Windows MSHTA utility to deliver malware silently via phishing and fake downloads, bypassing EDR through LOLBIN techniques.
Anatomy of E-Commerce Fraud: Detecting and Mitigating Phishing Sites
A technical analysis of fraudulent retail infrastructure, exploring domain spoofing, CDN obfuscation, and credit card exfiltration techniques.