Latest Threats
Barracuda Research delivers actionable insights from trillions of IT events, AI-powered threat detection and real-world security incidents. Our advanced threat intelligence empowers IT security professionals with the knowledge to identify emerging threats, recognize the warning signs and implement effective protection strategies for their businesses.
Latest Email Threat Tactics
- Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365
+ Tycoon 2FA phishing kit updated with new tools and tactics
+ Cephas kit uses invisible characters to block scanners and rules
Attackers are using an uncommon obfuscation technique: creating random invisible characters in the source code to help evade anti-phishing scanners and obstruct signature-based YARA rules.
See the details and the action to take to protect against the attacks:
+ Stealthy malware hides in images to avoid detection
Attackers are using steganography in phishing campaigns to launch malicious JavaScript files that have been heavily disguised to make it hard for security systems to recognize them.
See the details and the action to take to protect against the attacks:
Latest Threats Targeting Organizations
- Attackers using ScreenConnect for unauthorized remote access
+ Attackers using bought or stolen credentials for ransomware and data theft
+ A rise in Microsoft 365 login attempts from unfamiliar countries
Real-World Incidents and Trends
- Akira ransomware turns victim’s remote management tool on itself
+ XDR contains attacks leveraging ScreenConnect
Barracuda Managed XDR and the SOC team recently helped two companies mitigate incidents where attackers compromised computers and installed ScreenConnect remote management software.
At one company, there were signs of data exfiltration linked to a convoluted series of malicious downloads. At the other company, there was evidence of malicious scripts and persistence techniques.
+ Beware: Scheduled tasks can be a security red flag
Ransomware attackers often use scheduled tasks to automate different stages of the attack, maximizing the impact of the attack while reducing the chances of detection. Attackers create scheduled tasks for several reasons, including:
- To release the ransomware payload at a specific time
- To maintain access to the network by scheduling tasks to rerun malware at intervals, even if it is detected and removed
- To help with stealthy data exfiltration by collecting and removing information at intervals
- To turn off antivirus software, firewall protections or system recovery tools, making it harder for the security team to remediate or recover from the incident
- To distribute ransomware to connected devices across the network
- To delete traces of attack activity after encryption, making it harder for security teams to investigate how the attack unfolded
Office of the CTO
The Office of the CTO comprises Barracuda’s leading threat researchers and technical experts who can provide authoritative insight on a wide variety of cybersecurity topics.
These include:
- Evolving email attack tactics – including phishing-as-a-service
- The use of AI in cyberthreats
- Threats targeting applications, networks, endpoints and data
- Ransomware
- Security operations and real-world case studies
- Incident response and risk resilience
- Cybersecurity leadership, governance and frameworks
Connect with Barracuda’s Office of the CTO
“An agentic AI operator will run cyberattacks end-to-end, gathering what it needs, crafting convincing lures, trying a path, watching how the target’s protection or defense reacts, then quietly shifting tactics and timing until it gets what it wants.”
Yaz Bekkar
Principal Consulting Architect – XDR, EMEA
Frontline security predictions 2026: The battle for reality and control in a world of agentic AI
“In 2026, attackers will shift from static tactics to dynamic, context-aware approaches with payloads that are tailored based on device, user activity or timing to evade automated detection.”
Ashok Sakthivel
Director – Engineering, Email Protection
Frontline security predictions 2026: The phishing techniques to prepare for
Resource Library
Barracuda provides a wide range of cyberthreat and cybersecurity insights, tools and support to help organizations and security researchers better understand the rapidly evolving threat landscape and how to manage risk.
