Safeguard
Tag

social-engineering

Safeguard articles tagged "social-engineering" — guides, analysis, and best practices for software supply chain and application security.

26 articles

Data Breach

Carnival Data Breach (May 2026): 5.99M Records Lost via Salesforce Social Engineering

Carnival confirmed a breach affecting nearly 6 million people on May 28, 2026, after an attacker socially engineered an employee into granting access to its IT environment. Here is the verified chain and what defenders should do.

May 28, 202611 min read
Social Engineering

The 'Code of Conduct' Phishing Wave: AiTM Token Theft Hit 13,000 Orgs (May 2026)

Microsoft detailed a polished phishing campaign that weaponized fake HR 'code of conduct' investigations to steal session tokens via adversary-in-the-middle proxies, bypassing MFA across 13,000+ organizations in 26 countries.

May 13, 202611 min read
Vulnerability Analysis

What is Phishing

Phishing drives more breaches than any other attack vector. Here's how it works, how it hits software supply chains, and how to defend against it.

Mar 26, 20268 min read
Incident Analysis

Okta Cross-Tenant Impersonation 2024

Okta's cross-tenant impersonation advisory and related social-engineering campaigns exposed how identity providers get targeted. Lessons for defenders.

Mar 26, 20268 min read
Vulnerability Analysis

What is Social Engineering

Social engineering causes 68% of breaches per Verizon's 2024 DBIR. Learn how it works, common attack types, and how it threatens the software supply chain.

Mar 25, 20266 min read
Threat Intelligence

Developer Social Engineering Campaigns 2024-2025

State-aligned and financially motivated actors now target individual developers with bespoke social engineering. Here is the tradecraft and what engineering leaders must do.

Mar 21, 20268 min read
Incident Analysis

Aflac and the Scattered Spider Insurance Pivot: June 2025

In June 2025 Scattered Spider pivoted from UK retail to US insurance, hitting Erie Insurance, Philadelphia Insurance, and Aflac inside a week. Aflac later confirmed 22.6 million people affected. We unpack the campaign.

Jan 22, 20267 min read
Incident Analysis

Coinbase TaskUs Insider Breach: When the BPO Becomes the Attack Surface

In May 2025 Coinbase disclosed that contractor support agents at TaskUs had been bribed to leak customer data for months. We unpack the insider-threat supply-chain anatomy and what crypto and fintech defenders must change.

Jun 25, 20257 min read
Incident Analysis

Co-op UK DragonForce Breach: When the Helpdesk Becomes the Backdoor

In late April 2025 the Co-operative Group joined Marks & Spencer and Harrods as victims of a DragonForce-affiliated cluster that targeted UK retail through helpdesk social engineering. We unpack the playbook and what retailers must change.

Jun 12, 20257 min read
Breach Analysis

Coinbase Social Engineering and Insider Threat: How Bribed Support Agents Led to a $400M Breach

Attackers bribed overseas Coinbase support agents to steal customer data, then demanded a $20M ransom. Coinbase refused to pay and disclosed everything.

May 15, 20256 min read
Threat Intelligence

Scattered Spider 2025: How the Most Dangerous Social Engineering Group Evolved

Scattered Spider adapted its tactics in 2025, moving beyond casino hacks to target retail, healthcare, and manufacturing with increasingly sophisticated social engineering.

Mar 20, 20257 min read
Threat Intelligence

AI Deepfake Phishing Campaigns in 2025: When Seeing and Hearing Isn't Believing

AI-generated voice and video deepfakes powered a new wave of phishing campaigns in early 2025. The technology is cheap, the results are convincing, and defenses are lagging.

Feb 10, 20257 min read
social-engineering — Safeguard Blog