Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign…
Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload
The most dangerous phishing campaigns aren’t just designed to fool employees. Many…
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to…
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious…
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
Ravie LakshmananJan 30, 2026Vulnerability / Email Security SmarterTools has addressed two more…
Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways
Jan 16, 2026Ravie LakshmananVulnerability / Web Security Cisco on Thursday released security…
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
Jan 09, 2026Ravie LakshmananMobile Security / Email Security The U.S. Federal Bureau…
CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024
Jan 09, 2026Ravie LakshmananGovernment / Vulnerability Management The U.S. Cybersecurity and Infrastructure…
MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors
Jan 10, 2026Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known…