Hackers hijack .arpa domain for phishing scams — hosting malicious websites and domains where no one can spot them

New phishing attacks weaponize the internet’s backbone using .arpa domains and clever tricks to evade security systems ...

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...
Security Boulevard

Starkiller Phishing Framework Bypasses Defenses with Reverse Proxies, Takes an SaaS Approach

Starkiller is a new SaaS-style phishing framework that runs real brand websites inside headless Chrome containers, acting as a live reverse proxy to steal credentials, session tokens, and ...
SiliconANGLE

Cofense report warns of credential-harvesting attacks that spoof Proofpoint, Mimecast and Virtru

A new report out today from phishing defense company Cofense Inc. is warning of increasingly sophisticated phishing attacks that exploit trusted email security companies such as Proofpoint Inc., ...
Infosecurity Magazine

Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify

More than 32 million high-confidence phishing emails were detected by Darktrace in 2025, showcasing a substantial escalation in identity-driven cyber threats. The data was collected by Darktrace from ...
Infosecurity-magazine.com

Precision-Validated Phishing Elevates Credential Theft Risks

A sophisticated phishing method called precision-validated credential theft has emerged, enabling attackers to target high-value accounts while evading traditional security measures. Researchers from ...
Homeland Security Today

USDA Stops Credential Phishing with FIDO Authentication

As the saying goes, malicious actors don’t break in—they log in. There’s a significant truth in that statement. Today, many organizations struggle to protect their staff from credential phishing, a ...
NBC DFW

AI tools such as ChatGPT are generating a mammoth increase in malicious phishing emails

Here's one group that's leveraging generative artificial intelligence tools successfully: cybercriminals. Since the fourth quarter of 2022, there's been a 1,265% increase in malicious phishing emails, ...
9to5Mac

Bitwarden launches Access Intelligence aimed at fixing credential risks and blocking AI phishing

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary ...
Homeland Security Today

Phishing Campaign Targets Login Credentials of Multiple U.S., International Government Procurement Services

The Anomali Threat Research Team identified a credential harvesting campaign designed to steal login details from multiple government procurement services. The procurement services are used by many ...
GovInfoSecurity

Phishing Platform Targeting Trucking and Logistics Disrupted

Cybersecurity investigators have identified, unmasked and disrupted a months-long organized criminal effort that developed a ...
Morningstar

Dashlane and Yubico Partner to Launch Phishing-Resistant, Passwordless Credential Vault Login

Dashlane integration with FIDO2 YubiKeys gives new Dashlane users the strongest available protection for vault access and encryption with device-bound passkeys, replacing the master password ...