Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year.
Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year.
Researchers at Malwarebytes warn that cybercriminals are peddling stolen tax documents for as low as $4 per identity, with freshly stolen forms selling for $20 each. These documents allow threat actors to conduct refund fraud, using stolen personal information to claim victims’ tax refunds.
Researchers at LayerX warn that custom fonts can fool AI web assistants into thinking phishing pages are benign, while the human user sees something completely different.
Although artificial intelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since. The mass appeal of AI took off in late 2022 when OpenAI publicly released ChatGPTicial iintelligence (AI) seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since. The mass appeal of AI took off in late 2022 when OpenAI publicly released ChatGPT.
A finance employee receives an email that appears to come from the CFO requesting urgent payment approval. The message references a current project, uses the correct tone, and arrives at a plausible time. However, the email wasn’t written by a colleague — it was generated by AI. And it contains a malicious link.
Researchers at Permiso warn that threat actors can plant phishing messages within Copilot AI summaries. Notably, the researchers found that attackers can trick Copilot into including internal information to craft a more targeted message.
.jpg)
In the financial services industry, a “security incident” is rarely just an IT ticket. It is a regulatory event. Whether you are a bank, a global investment firm, or a fintech startup, your email environment is the most targeted entry point for attackers and the most common exit point for sensitive data.
I just came across the Zero Day Clock, and I love it. Everyone should go there, see the stats, see the trends, and figure out what that means for your ongoing and future patch management plans.
