Tag: phishing
The new face of phishing: Why traditional defenses are failing your customers in 2026
As we navigate the start of 2026, the cybersecurity landscape has reached a critical inflection point. For managed services providers (MSPs), the challenge is no longer just identifying “the bad guys;” it’s identifying the “perfectly simulated guys.” In 2025, phishing...
Email Threat Radar — January 2026
From QR code deception to callback phishing and more: An overview of emerging email threats and attack trends Over the last month, Barracuda threat analysts have investigated the following email threats targeting organizations and their employees: Tycoon phishing kit using QR codes...
Cybersecurity Threat Advisory: DLL sideloading backdoors via LinkedIn messages
A multi‑faceted phishing campaign is using LinkedIn private messages to deliver weaponized payloads that execute through DLL sideloading. The activity involves legitimate‑looking PDFs, a malicious sideloaded DLL, a Python interpreter PE, and decoy archives. Review the recommendations in this Cybersecurity...
Threat Spotlight: How phishing kits evolved in 2025
In 2025, 90 percent of high-volume phishing campaigns leveraged Phishing-as-a-Service (PhaaS) kits. These kits have transformed the phishing landscape, enabling even less-skilled cybercriminals to access advanced tools and automation and launch large-scale, targeted phishing campaigns, often impersonating legitimate services and...
Staying cyber safe while hackers chase holiday cheer
The holidays are almost upon us. That means pass the stuffing, brine the turkey, wrap the presents, and hang the stockings with care. It also means hackers are hiding in the holly, waiting for a moment of distraction from all...
Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365
In this edition of the Threat Spotlight we see that Phishing-as-a-Service (PhaaS) platforms dominate the email threat landscape. The most prominent are sophisticated, well-resourced platforms offering tools, infrastructure, and support in return for payment or a share of the profits....
Cybersecurity Threat Advisory: ChaosBot malware exploits Discord
A recently discovered Rust-based malware called ChaosBot is being used compromise computers via Discord channels. Review the details within this Cybersecurity Threat Advisory to learn more and see how to protect your system. What is the threat? ChaosBot is a...
Threat Spotlight: Tycoon phishing kit reveals new techniques to hide malicious links
Phishing emails often feature malicious links (URLs) that lead victims to fake websites where they are infected with harmful software or tricked into giving away personal information such as their account credentials. Uncover how these attacks work in the latest...
Back to school, back to scams
As August fades into September, certain sights and sounds return like clockwork: bright yellow school buses rumbling down the roads, playgrounds echoing with the squeals of energetic children, and the slow shift of the seasons. As schools ease into their...
Email Threat Radar – July 2025
In this month’s edition of the Email Threat Radar, Barracuda threat analysts identified several notable email-based threats targeting organizations around the world. Many of them leveraged popular phishing-as-a-service (PhaaS) kits. The threats include: Tycoon PhaaS impersonating the Autodesk Construction Cloud for...
