#MFA

Security awareness tips, industry news, and product updates.

Security analyst reviewing a suspicious device login code on a laptop

Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Device Code Phishing Is Moving Into Criminal Toolkits

Device code phishing is spreading through criminal toolkits and phishing-as-a-service offerings. Here is how the Microsoft 365 attack works and what teams should do next.

Marcus Chen·5/15/2026·8 min read

Security team reviewing a suspicious compliance email on a laptop

Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Microsoft AiTM Phishing Alert: Lessons for US Teams

Microsoft is warning US organizations about a sophisticated code-of-conduct phishing campaign using PDFs, CAPTCHA gates, and AiTM token theft. Here is what security teams should watch for next.

Rachel Andersen·5/6/2026·7 min read

Marketing employee reviewing a social media account alert on a laptop

Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Facebook Phishing Through Google: What Teams Should Do

A new campaign abused Google AppSheet emails to steal Facebook business accounts at scale. Here is what your team should watch for and how empowsec helps build the right response habits.

Marcus Chen·5/5/2026·7 min read