Stay guarded with the latest phishing attack trends, prevention tips, and security news to protect your personal and organizational information.
Search across headline titles and summaries.
Background for this topic.
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking on a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack, or the revealing of sensitive information.
In the context of information security, phishing is a significant threat as it relies on human vulnerability to circumvent security measures. These attacks can have devastating results, from unauthorized access to confidential data to substantial financial losses. Organizations and individuals must employ comprehensive security awareness training and implement robust security protocols to recognize and defend against phishing schemes.
Weekly headline count for the current query.
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. [...]
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.
Cyberattackers could exploit CVE-2023-20238 to carry out a variety of nefarious deeds, from data theft and code execution to phishing, fraud, and DoS.
The phishing emails contained Microsoft Word documents that exploited the CVE-2017-11882 flaw