Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.
19 Mar 2026
Written by Gabi Gerber
Attacks & Threats

Featured

Hacking Topics, Security Operation Center

Cybersecurity companies are not immune from the same kind of attacks they help their customers defend against — but a successful compromise could have big consequences for their customers in ways that other hacks don't.

A recent example of attackers targeting security vendors is a phishing attack aimed at a C-level executive at security firm Outpost24 that was engineered to bypass multiple layers of enterprise email security without triggering a single alert. 

Read more here

Similar Stories

Attacks & Threats

He Thought He Was Secure; His Phone Number Was Stolen Anyway

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to account takeovers, so users must layer up their security measur… More...
Novo Nordisk Breach Highlights Software Development Pipeline Risk

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem ra… More...
Fileless Phantom Stealer Targets Browser Credentials

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...

Have your say

 

News Categories

Attacks & Threats

He Thought He Was Secure; His Phone Number Was Stolen Anyway

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to account takeovers, so users must layer up their security measur… More...
Novo Nordisk Breach Highlights Software Development Pipeline Risk

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem ra… More...
Fileless Phantom Stealer Targets Browser Credentials

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...

Show more
image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech