Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Actor Uses Phishing to Breach Orgs for Ransomware Gangs

An initial access broker associated with the Payouts King ransomware group is using Microsoft Teams phishing to deploy a malicious Microsoft Edge web browser extension, according to researchers at Zscaler. Once the hackers have a foothold within an organization, they sell the access to the ransomware gang to conduct follow-on attacks.

From Awareness to Digital Workforce Security

Security must evolve from a static training program into dynamic, AI-powered human and AI risk orchestration embedded across the organization. The traditional model of security awareness aimed to get a message into people’s heads and hope it stayed there long enough to stop insecure actions. Organizations trained, tested, reported a completion rate to the auditor, and moved on.

Prompt Injection and the Rise of Agentic Risk

Boxers will often say, the punches that hurt the most aren’t the ones which are thrown with the most force, but the ones they didn’t see coming. I think the same is true in cybersecurity. It’s not the most advanced technically efficient, 0-day utilizing attacks that have the biggest impact, but rather those quiet ones. With no malware or suspicious login at three in the morning from an IP address in a country your company has never done business with. No alert fires.

Your Email is Protected. Is Your Teams Chat?

For years, security teams have poured resources into locking down the inbox, and for good reason. Email has always been the front door for phishing and social engineering. Unfortunately, another door has been left wide open: Microsoft Teams. Threat actors are increasingly posing as IT helpdesk staff inside Microsoft Teams chats, exploiting the built-in trust employees place in their internal collaboration tools to steal credentials and take over accounts.

Hyper-Targeted Social Engineering Needs Real-Time Video Response

There’s an important metric that can tell you exactly how vulnerable your high-risk employees and departments are to the next generation of social engineering. It’s not phishing click rates or training completion percentages. It probably doesn’t show up on any security dashboard. It’s the precise number of days it takes your team to respond to a live, context-specific threat with adequate training – training time to market.

2026 Phishing by Industry Benchmarking Report: Findings on Human Risk

Every year, KnowBe4 analyzes millions of simulated phishing tests to measure one thing: how likely is your workforce to fall for a phishing attack? The results, published in the 2026 Phishing by Industry Benchmarking Report, paint a clear picture of where human risk concentrates — and what organizations can do about it. Here are the key findings security leaders need to know.

Static DLP Is Leaving You in the Dark: Why It's Time for Intelligent, Self-Serve Outbound DLP and Misdirected Content Analysis

When we think about email security, our minds almost always jump to the inbound threats: the sophisticated phishing lures, the AI-generated business email compromise (BEC) attacks, and the malicious attachments knocking at the perimeter. But there is a silent, internal crisis happening on the way out of your organization. And chances are, you’re flying completely blind to it.

Cybercriminals Are Targeting the FIFA World Cup 2026

Lead Analysts: Jeewan Singh Jalal and Louis Tiley KnowBe4 ThreatLabs tracked phishing campaign activity from the first week of April through June 22, 2026 — covering the pre-tournament build-up, tournament kickoff and the first twelve days of live match play. Our latest intelligence adds crucial mid-tournament telemetry (June 15-22), a newly identified reply-back campaign track and additional infrastructure intelligence.

5 Essential Cybersecurity Defenses for Cloud Email Security

Cloud email has become the center of modern business. Regardless of your organization's industry or size, email connects employees, customers, vendors, executives, financial systems and critical business processes. Unfortunately, attackers know this too. For cybercriminals, compromising an email account is often like finding the master key to a building. Once inside, they may be able to steal information, impersonate employees, redirect payments, spread malware or gain access to other systems.

Shadow AI Is Not Shadow IT With a Better Marketing Budget

I saw a venn diagram on social media. One circle is Shadow IT, one circle is Shadow AI, a substantial overlap, and the implicit message is that they are effectively the same challenge. They aren’t and that the assumption can lead to many problems. Looking back, shadow IT was like watching a crash in slow-motion. Employees using technology IT hadn't sanctioned. Personal Dropbox accounts. Unofficial Slack workspaces.

Phishing Exposes Employee Data at 86% of Fortune 100 Companies

A new report from SpyCloud has found that phishing attacks have exposed employee data at 86% of Fortune 100 companies over the past 12 months, with the technology, airline and automotive sectors being hit the hardest. The researchers also found that 78% of organizations experienced an increase in phishing volume over the past year. Additionally, 84% of respondents named AI-assisted phishing as their top concern, followed by business email compromise (BEC) attacks.