Researchers at Palo Alto Networks’ Unit 42 are tracking two new malicious AI tools, WormGPT 4 and KawaiiGPT, that allow threat actors to craft phishing lures and generate ransomware code.

KnowBe4 is proud to announce that three of its leading security products — Security Awareness Training, PhishER/PhishER Plus and Compliance Plus — have been recognized as 2026 Buyer's Choice award winners by TrustRadius, a HG Insights company and buyer intelligence platform for business technology.

Sophisticated online fraud techniques are growing more accessible to unskilled attackers, driven by AI tools and fraud-as-a-service platforms, according to Sumsub’s latest Identity Fraud Report.

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke

Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting organizations to steal employees’ Microsoft 365 credentials. The campaign has been engineered to bypass traditional email security defenses, such as secure email gateways (SEGs),  and multi-factor authentication (MFA) tools.

A new criminal platform called “Matrix Push C2” is using browser notifications to launch social engineering attacks, according to researchers at BlackFog.

Users should be particularly wary of holiday-themed scams over the next few weeks, according to researchers at Malwarebytes.

“Mobile-first shopping has become second nature, and during the holidays, it’s faster and more frantic than ever,” Malwarebytes says. “Fifty-five percent of people get a scam text message weekly, while 27% are targeted daily.

A large phishing campaign is using phony seasonal party invites to trick users into installing remote management and monitoring (RMM) tools, according to researchers at Symantec.

Here's a curious thing about people, sometimes we crave the familiar, and sometimes we demand the novel.

Think about your digital spaces. You’ve got your corporate email, which we all treat a bit like a high-security bank vault. We approach it with caution, we're suspicious of unfamiliar senders, and we’re primed to spot a dodgy attachment. Then, you have WhatsApp. That’s the digital equivalent of your living room. It’s comfy, familiar, and filled with people you (mostly) trust. Our guard is down.

The finance and banking sector across Europe, the Middle East, and Africa (EMEA) faces extraordinary cybersecurity challenges, according to KnowBe4’s Cyber Risk in Finance and Banking Across EMEA report. While digital transformation has revolutionized operations and customer engagement, it has also created vulnerabilities that threaten the stability of the entire financial system.

In recent weeks, the UK government has announced the introduction of its new Cyber Security and Resilience Bill.

Lead analysts: Louis Tiley, Lucy Gee and James Dyer

Between 1:48pm ET on October 29 and 6:53pm ET on October 30, 2025, KnowBe4 threat analysts observed a high volume of phishing emails detected by KnowBe4 Defend that were sent from the legitimate domain of one of the world’s largest sportswear brands.

A new report from Entrust warns of an increase in deepfake attacks, which now account for one in five biometric fraud attempts. Additionally, instances of deepfaked selfies have increased by 58% over the past year.

Users and organizations should be prepared for a surge in phishing attacks over the next several weeks, as attackers take advantage of the holiday shopping season, according to a new report from Zimperium.

Ransomware attacks spiked in October 2025, with more than 700 organizations sustaining attacks, according to a new report from Cyfirma.

Using the right tool for the job is always better.

Anyone who does DIY projects around the home knows how using the right tool can dramatically make the job you are doing far easier. Use the wrong tool, and that task suddenly becomes a burdensome nightmare.

A new phishing kit is impersonating the Italian IT and web services provider Aruba, according to researchers at Group-IB. The kit is designed to trick users into entering their Aruba credentials, granting attackers access to sensitive accounts.

Researchers at Zimperium are tracking a new malware-as-a-service platform designed to target Android phones with banking Trojans. The platform, dubbed “Fantasy Hub,” allows unskilled threat actors to launch sophisticated malware campaigns that trick victims into granting access to their bank accounts.

Cybereason warns that the Tycoon 2FA phishing kit continues to receive upgrades, allowing unskilled cybercriminals to launch sophisticated social engineering attacks. The platform is known for its ability to bypass multi-factor authentication measures.

Researchers at Push Security warn of an extremely convincing ClickFix attack posing as a Cloudflare verification check. ClickFix is a social engineering technique that tricks the victim into copying and pasting a malicious command, then running it on their computer.