A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...

A credential phishing campaign that likely relied on AI-generated code to evade detection has been stopped by Microsoft Threat Intelligence. The attack, which targeted organizations in the US, ...

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

Researchers warn of new VENOM phishing kit ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...

A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated ...

Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’ Your email has been sent During Proofpoint Protect 2025, company leaders detailed how AI is being used in phishing trends and in ...

Scammers are using fake traffic violation texts with QR codes to steal personal and financial data, posing as state courts ...

AI generated code used in phishing campaign, blocked by Microsoft Defender Attackers used SVG file disguised as PDF, with hidden business themed code inside Security Copilot flagged AI style traits, ...

Email security has long dominated the enterprise security conversation — and rightfully so. It remains a key vector for phishing, credential theft, and social engineering. But in 2025, the threat ...