On June 2, 2026, SANS Internet Storm Center handler Xavier Mertens published an analysis of a phishing wave that had been landing in his inbox for several consecutive days. The attachment on each message was an SVG file …
For years, Google Postmaster Tools gave senders a reputation label – High, Medium, Low, or Bad – and left them to figure out what was causing the problem. The labels were opaque by design. You could watch …
In early June 2026, Swiss cybersecurity firm InfoGuard Labs disclosed a vulnerability they named Ghost-Sender: a misconfiguration in Microsoft Exchange Online that allows an attacker to deliver email impersonating any …
The Anti-Phishing Working Group published its Q1 2026 Phishing Activity Trends Report in May 2026. The headline number is significant: 971,181 unique phishing attacks in the first three months of the year, up 13.8 …
On June 12, 2026, Google filed a civil lawsuit against a China-based cybercrime network known as Outsider Enterprise. The complaint alleges that the group used Google’s own Gemini AI to generate phishing landing …
Abnormal AI’s 2026 Attack Landscape Report, published in April, analyzed nearly 800,000 email attacks across more than 4,600 organizations during the second half of 2025. One finding in particular is worth pausing …
A message arrives. The sender domain looks legitimate. The receiving mail server checks SPF: pass. It verifies the DKIM signature: pass. It evaluates the DMARC record against both results: pass. Every authentication gate …
A phishing campaign uncovered by Varonis Threat Labs targeted more than 70 organizations – predominantly in the United States – by exploiting a legitimate Microsoft 365 feature in a way most security teams …
Every organization that has grown its software stack over the past few years carries a potential deliverability fault line inside a DNS record most people never look at. The SPF record, a short TXT entry that authorizes …
A single-month scan of 3.1 billion emails. One in three messages flagged as malicious or unwanted spam. Nearly half of all malicious activity originating from phishing. These are the headline numbers from …
For years, DMARC enforcement felt like an enterprise problem. Large organizations had the IT staff to navigate DNS configuration, aggregate reporting, and the careful source-discovery work required to move from p=none to …
Email marketing returns between $36 and $42 for every dollar spent in 2026. No other marketing channel comes close: paid search returns roughly $2, social advertising $2.80, display ads $1.35. The gap is so large that it …
Cloudflare published its 2026 Threat Intelligence Report in March, and the email security chapter deserves more attention than it received in the broader coverage of the report. The headline finding that nation-state …
Microsoft Threat Intelligence published its Q1 2026 email threat landscape report on April 30. The headline figure was 8.3 billion email-based phishing threats detected in the first three months of the year. Monthly …
The FBI’s Internet Crime Complaint Center received 21,442 Business Email Compromise reports in 2024. The total losses across those incidents came to $2.77 billion. That works out to an average loss of approximately …
On January 8, 2026, Google announced that Gmail was entering the Gemini era. The announcement marked something more consequential than a feature release: it formalized the existence of a second filter in Gmail’s …
On April 14, 2026, a phishing campaign began reaching inboxes at healthcare systems, banks, law firms, and technology companies across 26 countries. By April 16, it was over. In those 48 hours, Microsoft’s threat …
