1+ mon, 1+ week ago  (370+ words) A new phishing attack targeting Last Pass users has emerged, starting around March 1, 2026. The campaign, identified by Last Pass Threat Intelligence, Mitigation, and Escalation (TIME), involves malicious actors impersonating Last Pass support staff via fraudulent emails. These emails seek to…...

1+ mon, 2+ week ago  (411+ words) A new phishing-driven campaign is spreading Agent Tesla, using advanced in-memory techniques and process hollowing to bypass traditional security defenses. Agent Tesla continues to thrive under a Malware-as-a-Service (Maa S) model, allowing even low-skilled attackers to deploy complex attacks with minimal…...

2+ mon, 6+ day ago  (368+ words) In a major glitch hitting Microsoft Exchange Online, legitimate business emails are being wrongly tagged as phishing attempts. This service degradation, tracked as incident EX1227432, started on February 5, 2026, and has trapped valid messages in quarantine, blocking them from reaching inboxes. The…...

2+ mon, 1+ week ago  (323+ words) This tactic builds urgency and trust, common in business fraud, while evading email filters. The email lacks direct malicious links, relying instead on a PDF attachment for delivery. Its sparse, professional content helps it slip past SPF, DKIM, and DMARC…...

2+ mon, 1+ week ago  (301+ words) Disguised as Word or PDF files, these attachments deliver fileless malware that steals credentials and sets up persistent remote access. The campaign begins with emails asking recipients to "confirm the company's legal English name." Despite the double extension mimicking a…...

2+ mon, 4+ week ago  (218+ words) Google has begun rolling out a highly anticipated feature that allows users to change their Gmail address without losing their account data or access to Google services. The new capability, which is being gradually deployed to all users, enables those…...

3+ mon, 1+ week ago  (235+ words) Over 3, 000 organizations fell victim to a sophisticated phishing campaign in December 2025 that weaponized Google's legitimate application infrastructure to evade enterprise email security systems. This campaign represents a significant evolution in phishing tactics, as attackers exploited trusted platform infrastructure rather than…...

3+ mon, 2+ week ago  (184+ words) Google is gradually rolling out a new feature that allows users to change their existing@gmail. comemail address without creating a brand-new account. For years, Google Account holders were unable to alter their primary Gmail username after sign-up. If you…...