Search results for Social Engineering

Social Engineering Schemes Target C-Suite Executives

March was a busy month for former Black Basta affiliates who are using old social engineering techniques to target executives in the manufacturing, professional, scientific, and te...

Social Engineering Schemes Target C-Suite Executives

March was a busy month for former Black Basta affiliates who are using old social engineering techniques to target executives in the manufacturing, professional, scientific, and te...

Why M365 Security Fails Against Social Engineering

100:00:00,000 –> 00:00:03,840Attention, valued knowledge workers. 200:00:03,840 –> 00:00:06,320By order of the Productivity Council, 300:00:06,320 –> 00:00:10,720your Micr...

Hackers Bypass Security Tools to Target Users Directly

Bridewell report calls out emergence of “fix-style” attacks

North Korean social engineering campaign targets macOS users

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by Microsoft’s Threat Intelligence Unit.

Microsoft spots Sapphire Sleet macOS attack using AppleScript and social engineering

A new macOS-focused cyber campaign linked to the North Korean threat actor Sapphire Sleet, highlighting how attackers are increasingly relying on social engineering rather than sof...

Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence

Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers

Identity Security in the Age of Agentic AI: What Engineers Need to Know

The rise of agentic AI isn't just changing how we build software it's fundamentally breaking our assumptions about identity, access, and accountability. As engineers, we've spent d...

Redesigning Security Culture for the Agentic Age

The launch of platforms like Moltbook, OpenClaw, and RentAHuman in early 2026 has provided an unsettling glimpse into the future. We are entering a phase of the digital workplace w...

When Global Conflict Becomes a Cyber Weapon: How Iran Tensions and Other Stressful Events Fuel Social Engineering Attack...

When geopolitical tensions rise, whether due to conflicts like the current one involving Iran or other global flashpoints, many organizations focus on physical security, supply cha...

To gain root access at this company, all an intruder had to do was ask nicely

Human IT managers thought they were being nice to the boss, but were assisting a threat actor

A Taxonomy of Cognitive Security

Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The slides from the talk are here, but—even better—Menton...

Axios npm compromise traced to targeted social engineering attack

The recent compromise of the widely used Axios npm package has been confirmed as the result of a targeted social engineering attack. The incident, which briefly exposed developers...

Canvas breach a human trust failure, not a technology failure – expert

The incident has sparked urgent warnings for schools, with experts calling social engineering the new cybersecurity battleground for educators everywhere

Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers

Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js...

The VibeSec Reckoning

Vibe coding has significantly accelerated software prototyping but AI agents frequently recommend insecure configurations, creating security problems. Gautam Koul, Luci...

CyberheistNews Vol 16 #21 [Heads Up] GitHub Breach Shows Developer Tools Are Social Engineering Targets

OpenClaw- Agentic Engineering

This week has training on AI – Cyber security experts – Omar Santos and Aamir Lakhani- with great knowledge . during the session learned about OpenClaw and more. I... The post Open...

AI-Powered Human Risk Management Shifts the Focus to Adaptive, Behavior-Based Training

Human risk management (HRM) focuses on one of the most persistent cybersecurity vulnerabilities: humans. Social engineering attacks that trick users into taking risky actions are a...

CyberheistNews Vol 16 #19 Crafty Criminals Continue to Pose as Help Desks in Social Engineering Attacks

[Heads Up] GitHub Breach Shows Developer Tools Are Social Engineering Targets

GitHub disclosed that attackers accessed its internal repositories after compromising an employee device through a poisoned Visual Studio Code extension. The company said the activ...

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege...

Weaponizing Apathy: How Threat Actors Exploit Vulnerabilities and Legitimate Software

Threat actors increasingly exploit legitimate software and known vulnerabilities to evade detection and deliver attacks. Tools like Microsoft Office and Remote Access Tools enable...

The Many Ways Chatbot Tools Can Manipulate Us

How chatbot tools use psychological strategies to engage and ensnare us, and other tales of "large language manipulators."