#threat intelligence

Security awareness tips, industry news, and product updates.

Reviewing employee-reported emails
Threat IntelligenceProduct Updates

Reported Email Review: Turning Employees Into Sensors

When employees report suspicious emails through the empowsec Outlook or Gmail add-in, those reports land in an admin review queue where security teams can classify each one and build real threat intelligence from what is actually reaching inboxes.

Marcus Chen·7/5/2026·8 min read
Employee entering a login code on a laptop at an office desk
Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Kali365 Phishing Service Targets Microsoft 365 Accounts

The FBI is warning about Kali365, a phishing-as-a-service platform that hijacks Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass MFA. Here's how the attack works and how to defend your organization.

Marcus Chen·6/6/2026·9 min read
Driver checking a suspicious toll payment text message on a mobile phone
Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Road Toll Smishing Scams: Lessons from Operation Road Trap

Bitdefender's Operation Road Trap research shows how toll, parking, and traffic-fine smishing has scaled across countries. Here is what employees and security teams should watch for.

Elena Vasquez·5/15/2026·7 min read
Security team reviewing a suspicious compliance email on a laptop
Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Microsoft AiTM Phishing Alert: Lessons for US Teams

Microsoft is warning US organizations about a sophisticated code-of-conduct phishing campaign using PDFs, CAPTCHA gates, and AiTM token theft. Here is what security teams should watch for next.

Rachel Andersen·5/6/2026·7 min read
Person scanning a QR code on a smartphone with a laptop open in the background
Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Quishing in 2026: The QR Phishing Tricks Your Tools Still Miss

QR code phishing has evolved far beyond a simple scan-and-steal. Split codes, Unicode fakes, CAPTCHA gates, and state-sponsored campaigns are rewriting the rulebook — and most security stacks still can't read a QR code.

Elena Vasquez·4/22/2026·13 min read
Smartphone scanning a QR code with a warning overlay indicating a phishing threat
Phishing & Social EngineeringThreat Intelligence

QR Code Phishing Is Surging: How Quishing Bypasses Your Email Security

QR code phishing attacks increased 587% in 2025. Unlike traditional phishing links, QR codes bypass most email security filters entirely. Here's how quishing works and what your organization can do about it.

Marcus Chen·4/8/2026·6 min read