Computer Security News and Insights
The Phone Call That Cost One Company $23 Million In early 2024, a finance worker at engineering firm Arup was tricked into wiring $25 million to threat actors after a deepfake video call that impersonated senior leadership. That incident made headlines worldwide. But for every deepfake video heist, there are
In January 2024, a finance employee at British engineering firm Arup transferred $25 million to threat actors after joining a video call with what appeared to be the company's CFO and other colleagues — all of them deepfake recreations. The attack started the way most do: with a phishing
Your Old AIM Email Is a Bigger Threat Than You Think In December 2017, AOL officially shut down AIM — AOL Instant Messenger — after two decades as one of the internet's most iconic platforms. But here's what most people missed: the email addresses tied to those accounts
The Email That Cost MGM Resorts $100 Million In September 2023, a single social engineering attack — starting with a phone call but rooted in the same deception principles as phishing emails — led to a breach at MGM Resorts that cost the company over $100 million. The threat actors behind the
Your Employees Are Phish Food — And Threat Actors Know It In March 2025, the FBI's Internet Crime Complaint Center (IC3) released its 2024 annual report showing over $16 billion in reported cybercrime losses — the highest figure ever recorded. Phishing and its variants topped the list of complaint types
In January 2024, a finance employee at engineering firm Arup wired $25 million to criminals after joining a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The attack started the same way nearly all of
In May 2024, the FBI's Internet Crime Complaint Center reported that business email compromise — a category built almost entirely on fake emails — accounted for over $2.9 billion in adjusted losses in a single year. That figure dwarfed ransomware losses by a factor of nearly 50. And those
In March 2025, a mid-size accounting firm in Ohio wired $1.2 million to a threat actor who sent a single spoofed email — a fakeemail that perfectly mimicked the CEO's display name, writing style, and even included a forwarded thread from a real conversation. The email passed every
The Fake Invoice That Drained $1.4 Million In early 2025, the FBI's Internet Crime Complaint Center reported that business email compromise — the category that includes PayPal phishing attacks — generated over $2.9 billion in adjusted losses in 2023 alone. That number hasn't slowed down. One
The Trojan Horse You Already Installed In March 2024, a lone developer named Andres Freund noticed something odd: SSH connections were taking 500 milliseconds too long. That curiosity uncovered the XZ Utils backdoor — a sophisticated supply chain attack where a threat actor had spent two years building trust as a
