5 Threats This Week That Started With a Conversation
From the FBI-flagged Kali365 phishing kit to ransomware hidden in "legal documents," here are this week's top social engineering threats and how to stop them.
From the FBI-flagged Kali365 phishing kit to ransomware hidden in "legal documents," here are this week's top social engineering threats and how to stop them.
After NL Health Services apologized for a phishing simulation that promised health-care workers an extra paid day off, security teams should revisit how to make awareness training effective without making employees feel punished.
The Verizon 2026 DBIR confirms that people remain central to breach risk, but attackers are no longer relying on email alone. Security awareness programs need to evolve from annual training and basic phishing tests into continuous, behavior-based human risk management.
PhishingBox is heading back to Gartner Security & Risk Management Summit 2026 in National Harbor, Maryland. Visit booth 952 from June 1–3 to meet our team and preview a major new product reveal focused on the future of security awareness, phishing simulation, training, and human risk management.
AI is transforming phishing into highly sophisticated, multi-step attacks at scale. Learn why human behavior is now the primary cybersecurity risk—and how organizations can adapt.
PhishingBox now integrates with Cornerstone, allowing organizations to sync LMS users and streamline security awareness training with manual and automated enrollment workflows.
Credential theft and social engineering attacks are scaling rapidly. Discover the latest threats and how to strengthen your human firewall against modern phishing.
Explore the latest phishing threats, including MFA bypass kits, fake CAPTCHA malware, and AI-driven scams, and how organizations can reduce social engineering risk.
Social engineering is accelerating in 2026, with attackers shifting from malware to manipulating people through voice calls, phishing emails, and AI-powered deception. From enterprise vishing campaigns stealing SSO and MFA credentials to global cyberespionage operations and large-scale breaches triggered by a single employee interaction, trust exploitation remains the primary entry point. As emerging economies and cloud-driven organizations expand their digital footprint, identity deception, impersonation, and voice-based attacks are becoming dominant threats—proving that the human element is still the most targeted vulnerability in cybersecurity.