LastPass Alerts Users to Fake Maintenance Scams After Master Passwords

A deep dive into the January 2026 phishing campaign that impersonated LastPass. This article breaks down the attackers’ tactics, maps them to the MITRE ATT&CK framework, and provides a clear blueprint for both red and blue teams to understand and counter such threats.

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

In early 2026, cybersecurity researchers uncovered a sophisticated credential harvesting attack campaign orchestrated by the Russian state-sponsored group APT28, also known as BlueDelta or Fancy Bear. This group, linked to the GRU, has systematically targeted individuals within a Turkish energy and nuclear research agency, a European think tank, and organizations in North Macedonia and Uzbekistan.

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Imagine receiving an email that appears to come from your own company’s human resources department or CEO. The sender address looks perfect, the domain matches yours exactly, and the content seems legitimate. This is the dangerous reality of internal domain phishing, a sophisticated attack vector exploiting misconfigured email routing that Microsoft has recently warned is seeing a significant surge. This guide will dissect this evolving threat, explain exactly how attackers bypass security controls, and provide you with actionable steps to defend your organization.