SendGrid is a tool tracked across 13 threat clusters and 16 intelligence report mentions on ThreatCluster. First observed November 17, 2025; most recent activity July 8, 2026.
A phishing campaign impersonating Booking.com has targeted hotel operators in Japan, utilizing emails with malicious attachments. The attack employs a multi-stage malware process involving a ZIP archive containing a…
A sophisticated phishing campaign targeting Amazon Web Services (AWS) users has emerged, utilizing cloned login pages to capture credentials and multifactor authentication (MFA) codes in real-time. The attackers have…
Scattered Spider, a cybercrime entity linked to various high-profile attacks since 2022, has been reclassified as a decentralized collective rather than a unified group. Group-IB's analysis indicates that it consists of…
A phishing campaign is targeting users of email marketing platforms by sending messages that include a fake 'Support ICE' button. This tactic aims to create panic and urgency, tricking recipients into revealing…
Cybercriminals have discovered a method to exploit Microsoft's internal email system, specifically the [email protected] address, to send phishing emails that appear legitimate. This vulnerability…
A study analyzing 10 million websites has uncovered nearly 2,000 exposed API credentials across 10,000 webpages. Researchers from Stanford, led by Nurullah Demir, utilized the tool TruffleHog to identify 1,748 valid…
Proofpoint's analysis reveals that a significant number of banks in Australia and major companies in India are not enforcing the strongest DMARC email authentication protocols, leaving them vulnerable to AI-enhanced…
Huntress reported a vishing scam where attackers impersonated the U.K. tax authority, exploiting urgency and identity-theft fears to extract sensitive information from victims. The firm emphasized that the attack relied…
The cybercriminal group TA584 has intensified its operations by deploying Tsundere Bot malware through ClickFix social engineering tactics. This initial access broker has significantly increased its campaign volume,…
Over 270,000 phishing emails impersonating Centrelink and Services Australia have been sent to Australians in a significant cyberattack. The campaign, detected by Mimecast, has been ongoing for four months, with…