chat
expand_more

Tool Shell Cover
A newly discovered zero-day is affecting on-prem SharePoint environments. Here’s what CISOs need to know.
Read More
B Retail Industry Attack Trends Blog
New research reveals predictable seasonal cybersecurity patterns in retail. Discover when attacks are most prevalent and how to synchronize defenses with threat cycles.
Read More
B Multi Party Scam
Discover how multi-party attacks unfold and how to stop them before they cause damage to your organization.
Read More
B Regional VEC BEC Trends Blog
Regional analysis of 1,400+ organizations reveals how geography shapes email security risks. See which regions are most vulnerable to VEC vs BEC.
Read More
B Custom Phishing Kits Blog
Brand-specific phishing kits are replacing generic templates. Learn how these custom phishing kits enable sophisticated impersonation attacks.
Read More
B Vendor Email Compromise Case Study Blog
See how a real vendor email compromise attack fooled multiple employees. Learn why VEC succeeds and how AI makes these threats more dangerous.
Read More
B Flux Panel Ecommerce Checkout Hijacking via Phishing
FluxPanel turns legitimate ecommerce checkouts into live data theft operations. Learn how this dark web tool works, the role phishing plays, and how to stop attacks at their source.
Read More
B Flask Phishing Kit
Learn how threat actors used Flask, a popular Python framework, to build a versatile phishing kit for evasive campaigns that bypass traditional defenses.
Read More
B VEC Employee Engagement Threat Report Blog 1
New research reveals that employees engage with 44% of read vendor email compromise attacks. See which industries and roles are most vulnerable to this threat.
Read More
Legitimate Senders Weaponized Cover
Email bombing turns trusted sources into a smokescreen, flooding inboxes to distract users and hide follow-up threats.
Read More
B Evil Panel Blog
EvilPanel is a new phishing toolkit built on Evilginx that provides a full-featured web interface for launching MFA-bypassing attacks.
Read More
B Byte Dance Live Panel Blog
With live session hijacking, OTP interception, and dynamic targeting, the ByteDance Live Panel phishing-as-a-service kit gives attackers the upper hand against traditional defenses.
Read More
B DKIM Replay Google Phishing Attack
Threat actors used DKIM replay to send Google-branded phishing emails that passed authentication checks. Here’s how the attack worked and why it’s hard to catch.
Read More
B Pig Butchering
Learn about pig butchering fraud, a new threat to organizational security. Explore operational tactics, warning signs, and strategies to safeguard your business.
Read More
B X Files Fileless Malware
Learn how XFiles uses fileless malware, Cloudflare Turnstile widgets, and phishing emails to steal login details, cryptocurrency wallets, and access to corporate systems.
Read More
B Atlantis AIO Blog
Discover how cybercriminals use Atlantis AIO to automate credential stuffing attacks—and how AI-driven security can stop them before accounts are compromised.
Read More
B Black Basta
Black Basta is a highly active ransomware-as-a-service (RaaS) group that has been linked to dozens of high-profile attacks against organizations worldwide. See how they utilize generative AI to support their campaigns.
Read More
B AI Generated Zoom Impersonation Phishing Attack
Threat actors impersonated Zoom using an AI-generated phishing page to deliver a remote monitoring and management tool.
Read More
B Design and Diagramming Tools Phishing Attack
Cybercriminals are exploiting trusted tools like Canva, Figma, and Lucidchart for phishing. Learn how these attacks work—and how to protect your business.
Read More
B Crypto Grab Blog
CryptoGrab, a global cryptocurrency affiliate network, has been defrauding users of millions for more than 5 years using phishing emails and other tactics.
Read More
B Open Redirects
Explore the risks of open redirects and how they enable attackers to circumvent email security.
Read More
B H1 2025 Email Threat Report Blog
Explore new research on how AI is amplifying the impact of BEC and VEC attacks and learn how to defend against these evolving email security threats.
Read More
B Exploiting Google Services Blog
Cybercriminals misuse Google services for phishing, ad hijacking, and more. Learn five attack methods and how to protect your accounts.
Read More
B Docusign Phish
Threat actors are exploiting Docusign to bypass traditional email security, but Abnormal Security’s AI-powered platform stops these attacks by detecting behavioral anomalies in real time.
Read More
Discover How It All Works

See How Abnormal AI Protects Humans