Safeguard
Tag

phishing

Safeguard articles tagged "phishing" — guides, analysis, and best practices for software supply chain and application security.

22 articles

Industry Analysis

Business email compromise (BEC)

Business email compromise (BEC) tricks employees into wiring funds or data to attackers posing as executives or vendors. Here is how BEC fraud actually works.

Feb 24, 20267 min read
Vulnerability Analysis

Open redirect vulnerabilities explained

Open redirect flaws (CWE-601) score as medium severity alone, but they power real phishing campaigns against Google, Amex, and Microsoft. Here's how they work and how to stop them.

Dec 12, 20257 min read
Open Source Security

How Package Takeover via Maintainer Account Compromise Ac...

Attackers don't hack npm's servers — they phish or socially engineer maintainers. Here's how account takeover turns trusted packages into malware.

Jul 31, 20257 min read
AppSec

Open Redirect Vulnerabilities: How Attackers Abuse Them

An open redirect attack abuses a trusted domain's own redirect functionality to send victims to a malicious site — low severity on its own, but a key ingredient in phishing and OAuth token theft.

May 27, 20256 min read
Threat Intelligence

AI Deepfake Phishing Campaigns in 2025: When Seeing and Hearing Isn't Believing

AI-generated voice and video deepfakes powered a new wave of phishing campaigns in early 2025. The technology is cheap, the results are convincing, and defenses are lagging.

Feb 10, 20257 min read
Social Engineering

Email Security and Supply Chain Phishing Attacks

Phishing remains the top initial access vector for supply chain attacks. Targeted emails against developers, maintainers, and DevOps engineers open the door to code injection, credential theft, and pipeline compromise.

Mar 8, 20236 min read
Incident Response

Dropbox Breach: Phishing Attack Exposes 130 Private GitHub Repositories

Attackers phished Dropbox employees by impersonating CircleCI, gaining access to 130 private GitHub repos containing internal code and credentials.

Nov 2, 20226 min read
Incident Response

0ktapus: The Phishing Campaign That Hit Cloudflare, Twilio, and 130+ Organizations

A single phishing campaign compromised over 130 companies including Cloudflare and Twilio. Here's how the 0ktapus attack chain worked.

Aug 8, 20226 min read
Incident Analysis

Azure AD Token Theft Campaigns: A 2022 Retrospective

Token theft is the quiet successor to credential phishing, and 2022 turned it into an industry. Here is what the year's Azure AD campaigns actually looked like.

Jul 14, 20227 min read
Social Engineering

Mailchimp Social Engineering Breach: How an Employee Hack Compromised Crypto Customers

A social engineering attack on Mailchimp employees gave attackers access to internal tools, which they used to target cryptocurrency companies and their customers in a downstream phishing campaign.

Apr 4, 20225 min read
phishing (Page 2) — Safeguard Blog