KnowBe4 Blog KnowBe4’s blog keeps you informed about the latest in human and agent security including social and prompt engineering, ransomware and phishing attacks.
- From Awareness to Digital Workforce Securityby Martin Kraemer on July 10, 2026 at 4:00 pm
Security must evolve from a static training program into dynamic, AI-powered human and AI risk orchestration embedded across the organization.
- Your KnowBe4 Fresh Content Updates from June 2026by KnowBe4 Team on July 10, 2026 at 2:00 pm
Fran Roberts – Studios General Manager, KnowBe4 I am thrilled to be writing my first message to you as KnowBe4’s new Studios General Manager. I joined KnowBe4 because I believe that one of the most impactful areas for next-level storytelling is in security awareness — content that genuinely changes behavior and protects people.
- Threat Actor Uses Phishing to Breach Orgs for Ransomware Gangsby KnowBe4 Team on July 10, 2026 at 1:00 pm
An initial access broker associated with the Payouts King ransomware group is using Microsoft Teams phishing to deploy a malicious Microsoft Edge web browser extension, according to researchers at Zscaler. Once the hackers have a foothold within an organization, they sell the access to the ransomware gang to conduct follow-on attacks.
- Invoice Phishing Attacks Are Abusing the Shop Appby KnowBe4 Team on July 9, 2026 at 8:00 pm
Threat actors are abusing Shop, a legitimate app developed by Shopify, to launch phishing attacks, according to researchers at Gen Digital. Shop is used for making purchases and tracking orders, but threat actors are exploiting the platform to generate in-app notifications for phony invoices.
- Phishing Campaign Impersonates Interpol to Deliver Ransomwareby KnowBe4 Team on July 9, 2026 at 4:00 pm
A phishing campaign is targeting small businesses across Europe, Asia, the Middle East, and the United States with emails that impersonate Interpol’s cybercrime investigation unit, researchers at Bitdefender report.
- Prompt Injection and the Rise of Agentic Riskby Javvad Malik on July 9, 2026 at 1:00 pm
Boxers will often say, the punches that hurt the most aren’t the ones which are thrown with the most force, but the ones they didn’t see coming. I think the same is true in cybersecurity. It’s not the most advanced technically efficient, 0-day utilizing attacks that have the biggest impact, but rather those quiet ones. With no malware or suspicious login at three in the morning from an IP address in a country your company has never done business with. No alert fires. No dashboard turns red.
- Hyper-Targeted Social Engineering Needs Real-Time Video Responseby Nick Gasse on July 8, 2026 at 12:33 pm
There’s an important metric that can tell you exactly how vulnerable your high-risk employees and departments are to the next generation of social engineering.
- Your Email is Protected. Is Your Teams Chat?by Haylea Reiner, MBA on July 8, 2026 at 11:00 am
For years, security teams have poured resources into locking down the inbox, and for good reason. Email has always been the front door for phishing and social engineering. Unfortunately, another door has been left wide open: Microsoft Teams.
- CyberheistNews Vol 16 #27 [HOW TO] Your Cybersecurity Starts at Home on World Social Media Dayby KnowBe4 Team on July 7, 2026 at 1:30 pm
- 2026 Phishing by Industry Benchmarking Report: Findings on Human Riskby KnowBe4 Team on July 7, 2026 at 1:00 pm
Every year, KnowBe4 analyzes millions of simulated phishing tests to measure one thing: how likely is your workforce to fall for a phishing attack? The results, published in the 2026 Phishing by Industry Benchmarking Report, paint a clear picture of where human risk concentrates — and what organizations can do about it.

.jpg)










