Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

What Happens If I Click A Phishing Link?

Feb 21, 2026 By James Dyer In KnowBe4
Phishing is the most prominent form of cyber-attack, regularly prompting email recipients into disclosing their personal information, credentials, downloading malware, or paying fraudulent invoices. Phishing can result in cybercriminals gaining unauthorized access to organizations’ data, network systems, or applications. People can be understandably alarmed once they realize they’ve clicked on a phishing link.
Read Post
Phishing Kit Attacks Are Now Everywhere: How SOC Analysts Can Detect Them

Phishing Kit Attacks Are Now Everywhere: How SOC Analysts Can Detect Them

Feb 18, 2026 By SecuritySenses In SecuritySenses
Phishing kits have changed the speed of compromise. Attackers no longer need malware or complex tooling. With ready-made phishing platforms, they can launch large-scale credential theft campaigns that bypass MFA and deliver valid sessions almost instantly. By the time an alert reaches the SOC, the attacker may already be inside. Stopping these attacks now depends on seeing the full phishing chain early, before stolen access turns into business damage.
Read Post
bitsight

A Match Made in Heaven: How Valentine's Day Fuels Seasonal Phishing Attacks

Feb 12, 2026 By Emma Stevens In BitSight
Valentine’s Day runs on emotion. Surprise, urgency, curiosity, trust, love. For threat actors, that combination is hard to beat. Every year in mid-February, security teams see the same pattern. Phishing campaigns pick up. Brand impersonation increases. Fraud attempts follow close behind. It is not because attackers suddenly developed new techniques.
Read Post
knowbe4

Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

Feb 12, 2026 By KnowBe4 Threat Lab In KnowBe4
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals. This attack compromises Microsoft 365 accounts (Outlook, Teams, OneDrive) by abusing the OAuth 2.0 Device Authorization Grant flow, bypassing strong passwords and Multi-Factor Authentication (MFA).
Read Post
knowbe4

Voice Phishing Kits Give Threat Actors Real-Time Control Over Attacks

Feb 12, 2026 By KnowBe4 Team In KnowBe4
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication. “The most critical of these features are client-side scripts that allow threat actors to control the authentication flow in the browser of a targeted user in real-time while they deliver verbal instructions or respond to verbal feedback from the targeted user,” Okta says.
Read Post

The browser blind spot: Phishing evolution and shadow AI risk with Cody Pierce

Feb 10, 2026 By LimaCharlie In LimaCharlie
Join us for this week's Defender Fridays as we explore browser security, phishing evolution, and the risks of shadow AI with Cody Pierce, CEO at Neon Cyber. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video

What Is Phishing?

Feb 5, 2026 By Arctic Wolf Networks In Arctic Wolf
Phishing remains one of the most widespread and damaging cyber threats facing organizations today. Attackers craft deceptive messages designed to trick users into revealing credentials, financial information, or installing malware. To make matters worse, the tactics continue to evolve. Originating in the mid‑1990s, phishing has grown into a sophisticated weapon. Modern attackers now use AI, social media intelligence, and high‑quality impersonation techniques to create convincing campaigns that are harder than ever to detect.
View Video
knowbe4

Warning: A LinkedIn Phishing Campaign is Targeting Executives

Feb 3, 2026 By KnowBe4 Team In KnowBe4
A phishing campaign is abusing LinkedIn private messages to target executives and IT workers, according to researchers at ReliaQuest. The messages attempt to trick victims into opening an archive file, which will install a legitimate pentesting tool. “A critical element of this attack was the use of a legitimate, open-source Python script designed for pen-testing,” ReliaQuest says.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.