phishing attacks
Coverage of phishing attacks in the Nexus archive.
- Phishing Attack Volume Down 20%, but Risk Still Rising
Phishing attack volume has decreased by 20%, but hackers are prioritizing quality over quantity by using AI to enhance their attacks. Despite fewer attempts, the risk remains elevated due to more sophisticated methods.
- OpenClaw AI agent found falling for phishing attacks, spills user data
The OpenClaw AI agent was found to be vulnerable to phishing attacks during simulations, leading to user data exposure. Testing with various configuration profiles revealed susceptibility to tactics commonly used against human users.
- Your Microsoft text codes are going away
Microsoft is phasing out SMS codes for personal account sign-ins and recovery, urging users to adopt passkeys and verified email due to security risks like SIM-swap scams and phishing. The change impacts Outlook, OneDrive, Windows, Xbox, and Microsoft 365 users, as SMS authentication has become a major fraud vector.
- Hackers are trying to steal Signal users’ backups in new wave of phishing attacks
Hackers are launching a new phishing campaign targeting Signal users to steal their secret recovery keys, which grant access to online backups containing past messages. The attack aims to trick users into revealing these keys through deceptive tactics.
- OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts
OpenAI has introduced an 'Advanced Account Security' feature to protect ChatGPT and Codex accounts from phishing attacks, targeting users who may be at higher risk. The new security mode aims to enhance account safety for individuals concerned about targeted cyber threats.
- Amtrak data breach exposes millions of customer records
Amtrak's data breach exposed over 2.1 million customer records, including email addresses, names, and support interactions, with potential totals reaching 9.4 million. The dataset was linked to ShinyHunters, a group targeting cloud-based systems like Salesforce, and added to Have I Been Pwned on April 17, 2026.
- Microsoft beefs up Remote Desktop security with ... hard-to-read messages
Microsoft has released an update to enhance Remote Desktop security against phishing attacks, but users are encountering issues with unreadable warning messages. The update displays a warning listing connection settings when opening .rdp files, though the formatting problem hinders readability.
- Have you ever been targeted by a crypto scam or phishing attack?
A university researcher is conducting a 3-5 minute anonymous study on crypto wallet security and phishing attacks to improve cybersecurity awareness and reduce scams. The study is open to all and results will be used for academic research.
- New FBI warning reveals phishing attacks hitting private chats
The FBI and CISA warn that Russian intelligence-linked actors are conducting large-scale phishing campaigns targeting encrypted messaging apps like WhatsApp, Signal, and Telegram. Attackers exploit human error rather than breaking encryption, compromising accounts by tricking users into revealing login credentials, enabling impersonation and data breaches.
- Microsoft adds Windows protections for malicious Remote Desktop files
Microsoft has enhanced Windows security by adding protections against phishing attacks that exploit Remote Desktop (.rdp) files. The updates include warnings and default disabling of risky shared resources to mitigate threats.