Social Engineering stories - Page 6

A rapid surge in OpenClaw AI assistant use has left tens of thousands of exposed systems and a trail of hijacked tools and malicious add-ons.

ShinyHunters shifts to subdomain-brand phishing and vishing on mobiles, bypassing domain checks to hijack SSO logins and SaaS sessions.

Phishing gangs exploit obscure .arpa DNS space and IPv6 tunnels to sneak past reputation-based web filters and lure users to fake sites.

AI-driven hackers can now steal data in just 72 minutes, as faster, multi-surface attacks overwhelm complex, over-trusting enterprises.

Fewer than half of UK small firms can spot cyber breaches, as identity fraud and supplier scams expose gaps in remote and hybrid working.

AI has overtaken all other threats as the top global data security risk, with firms warning its rapid spread magnifies existing vulnerabilities.

MetaCompliance adds Exposure Monitoring to tie confirmed breach data to automated staff training and human risk scoring for security teams.

Russian-run Diesel Vortex phishing service raided freight and logistics portals in the US and Europe, stealing over 1,600 login credentials.

AI-fuelled hackers can now spread across corporate networks in as little as four minutes, outpacing human defenders by hours.

AI-fuelled cyber threats are outpacing reactive defences, N-able warns, urging smaller firms to prioritise resilience over traditional security.

AI-fuelled ransomware, rapid cloud intrusions and identity abuse are transforming cyber risk, slashing response times for defenders.

Most CIOs expect AI-driven cyber attacks within a year, but only a third feel prepared, exposing a widening gap in cyber resilience.

Entersekt boosts leadership as it tops 10bn transactions and posts 30% North American growth, adding senior hires to drive expansion.

Ecommpay launches a free fraud guide for online retailers as UK payment fraud hits GBP £1.17 billion and AI-driven scams rapidly escalate.

KnowBe4 launches AIDA Orchestration, an autonomous AI system that tailors always-on phishing tests and training to each employee's risk profile.

Yubico launches YubiNation partner tiers and expanded training to boost phishing-resistant identity security amid rising breach costs.

Hijacked Google Ads accounts are serving bogus installers that trick Mac users into running MacSync stealer via fake Evernote guides.

CISOs slow-roll agentic AI in defence, even as they brace for more advanced, AI-boosted attacks and rising personal liability risks.

AI is fuelling a surge in cyber attacks, with CrowdStrike warning criminals now move from breach to lateral movement in under 30 minutes.

PromptSpy Android malware taps Google's Gemini AI to navigate screens, lock itself in recent apps and thwart users' attempts to remove it.