PROBABLYPWNED
Home/Tag/Phishing

Phishing

42 articles tagged with "Phishing"

Phantom Squatting: Attackers Weaponize AI-Invented URLs
Threat Intelligence4 min read

Phantom Squatting: Attackers Weaponize AI-Invented URLs

Unit 42 finds attackers registering domains that LLMs hallucinate, then hosting phishing kits to intercept AI-directed traffic. Montana Empire kit caught 23 days after prediction.

Alex KowalskiJul 2, 2026
ChatGPhish Turns ChatGPT Web Summaries Into Phishing Delivery
Vulnerabilities4 min read

ChatGPhish Turns ChatGPT Web Summaries Into Phishing Delivery

Researchers discover ChatGPT's Markdown rendering trusts attacker-controlled content from summarized pages, enabling phishing URLs, IP exfiltration, and fake security alerts inside the AI interface.

Vulnerability DeskMay 31, 2026
FBI Warns Kali365 PhaaS Steals Microsoft 365 Tokens at Scale
Threat Intelligence4 min read

FBI Warns Kali365 PhaaS Steals Microsoft 365 Tokens at Scale

New phishing-as-a-service platform bypasses MFA via OAuth device code flow. FBI PSA details how Kali365's AI-generated lures and $250/month pricing are enabling widespread credential theft.

Threat Intel DeskMay 24, 2026
Booking.com Breach Exposes Guest Reservation Data
Data Breaches4 min read

Booking.com Breach Exposes Guest Reservation Data

Booking.com confirms hackers accessed customer reservation data including names, emails, phone numbers, and booking details. Company resets PINs but won't disclose breach scope.

Data Breach DeskApr 16, 2026
Casbaneiro Banking Trojan Spreads via Dynamic PDF Phishing
Malware4 min read

Casbaneiro Banking Trojan Spreads via Dynamic PDF Phishing

Brazilian threat actor Augmented Marauder targets Latin America and Europe with Casbaneiro banking trojan, using dynamically generated court summons PDFs and Horabot for worm-like propagation.

Malware DeskApr 5, 2026
Germany Warns of Signal Phishing Targeting Officials
Threat Intelligence4 min read

Germany Warns of Signal Phishing Targeting Officials

Germany's BfV and BSI issued a joint advisory warning of state-sponsored phishing campaigns targeting politicians, military officials, and journalists through Signal's device linking feature.

Threat Intel DeskFeb 12, 2026
Broken Phishing URLs Are Bypassing Your Filters
Threat Intelligence5 min read

Broken Phishing URLs Are Bypassing Your Filters

SANS ISC handler Xavier Mertens documents phishing campaigns using malformed URL parameters to evade regex detection, URL normalization, and IOC extraction.

Threat Intel DeskFeb 5, 2026
Phishers Hide Behind Google Slides Publish Feature
Threat Intelligence5 min read

Phishers Hide Behind Google Slides Publish Feature

Attackers exploit Google Presentations' publish mode to host phishing pages that bypass Google's own security warnings, targeting Vivaldi Webmail users.

Threat Intel DeskJan 30, 2026
Microsoft Teams Enables Security Defaults on January 12
Announcements4 min read

Microsoft Teams Enables Security Defaults on January 12

Tenants using default settings will get automatic protection against weaponizable file types and malicious URLs. Administrators who want to opt out must act before the rollout.

ProbablyPwned Editorial TeamJan 9, 2026