Attackers compromised some customer and employee accounts at Twilio through a text-based phishing campaign.
Microsoft has identified a long, widespread phishing campaign that stole session cookies to bypass MFA and led to BEC and payment fraud.
A $23.5 million phishing scheme was carried out in 2018 that impacted the U.S. Department of Defense.
U.S. election officials and other state and local government officials received invoice-themed phishing emails aiming to steal their credentials, warned the FBI.
Attackers are using compromised Microsoft Exchange servers to launch thread-hijacking attacks that infect victims with the IcedID malware.