Blog

Threat Intelligence Blog

Research, insights, and updates from the isMalicious team.

AI-Enabled Device Code Phishing: How OAuth Tokens Became the New Credential Theft Target
PhishingMay 10, 2026

AI-Enabled Device Code Phishing: How OAuth Tokens Became the New Credential Theft Target

Device code phishing turns a legitimate OAuth flow into a token theft path. Learn how AI-assisted lures, Entra ID abuse, and session token replay change phishing detection in 2026.

10 min readRead
OAuth Consent Phishing: Detecting Malicious App Grants Before Data Exfiltration
PhishingMay 6, 2026

OAuth Consent Phishing: Detecting Malicious App Grants Before Data Exfiltration

OAuth consent phishing tricks users into granting access instead of giving up passwords. Learn how malicious app grants work, which permissions matter, and how to detect abuse early.

10 min readRead
Compromised Domains in Phishing: When Trusted Sites Become Attack Infrastructure
PhishingMay 2, 2026

Compromised Domains in Phishing: When Trusted Sites Become Attack Infrastructure

Attackers increasingly host phishing pages, redirects, and malware on compromised legitimate domains. Learn why reputation bypass works and how to detect hidden malicious paths.

10 min readRead
Spear Phishing and Social Engineering: The Top Attack Vectors Targeting Enterprises in 2026
PhishingApr 24, 2026

Spear Phishing and Social Engineering: The Top Attack Vectors Targeting Enterprises in 2026

A complete guide to modern spear phishing and social engineering attack vectors—how threat actors plan, lure, and pivot, with detailed defensive controls for email, identity, training, and infrastructure reputation.

10 min readRead
Domain Lookup for Phishing and C2 Infrastructure Detection
PhishingApr 10, 2026

Domain Lookup for Phishing and C2 Infrastructure Detection

Phishing campaigns and malware operations depend on domain infrastructure that leaves detectable traces. Learn how advanced domain lookup techniques help security teams uncover phishing sites and command-and-control servers before they compromise your organization.

8 min readRead
Quishing : quand le QR code devient une arme de phishing
PhishingApr 5, 2026

Quishing : quand le QR code devient une arme de phishing

Les attaques par QR code (quishing) contournent les filtres e-mail et exploitent la confiance des utilisateurs. Découvrez les scénarios typiques, les signaux d’alerte et les mesures concrètes pour sensibiliser vos équipes et renforcer votre défense.

3 min readRead
Malvertising and Search Poisoning: Threats Hiding in Plain Sight
PhishingApr 3, 2026

Malvertising and Search Poisoning: Threats Hiding in Plain Sight

Malicious ads and manipulated search results push users toward malware and phishing without email. Learn how malvertising and SEO poisoning work and how teams can reduce risk.

2 min readRead
IDN and Homograph Phishing: When the Domain Looks Right But Is Wrong
PhishingApr 1, 2026

IDN and Homograph Phishing: When the Domain Looks Right But Is Wrong

Internationalized domain names and look-alike characters let attackers spoof trusted brands in the address bar. Learn how homograph attacks work and how to defend users and SOC teams.

2 min readRead
Domain Reputation Scoring: The First Line of Defense Against Phishing
PhishingFeb 25, 2026

Domain Reputation Scoring: The First Line of Defense Against Phishing

Not all domains are created equal. Discover how real-time domain reputation scoring helps organizations proactively identify and block phishing infrastructure, fake websites, and parked domains used by cybercriminals.

5 min readRead
Phishing Explained: How to Check a Domain for Threats
PhishingFeb 12, 2026

Phishing Explained: How to Check a Domain for Threats

What is phishing? Learn how to spot fake websites and check domains for threats before you enter your personal information.

2 min readRead
Anatomy of Phishing Infrastructure: How Attackers Build Their Trap
PhishingFeb 10, 2026

Anatomy of Phishing Infrastructure: How Attackers Build Their Trap

Peel back the layers of a modern phishing attack. From spoofed domains to SSL certificates, understand the infrastructure attackers use and how to detect it.

2 min readRead
Beyond Phishing: Modern Social Engineering Tactics
PhishingJan 20, 2026

Beyond Phishing: Modern Social Engineering Tactics

Social engineering has evolved beyond simple phishing emails. Discover the latest tactics used by attackers, including vishing, smishing, and pigmenting, and how to spot them.

4 min readRead
Why Checking Malicious Domain and IP Reputation is Critical for Threat Prevention
PhishingDec 4, 2025

Why Checking Malicious Domain and IP Reputation is Critical for Threat Prevention

Learn why monitoring domain and IP reputation is essential for cybersecurity. Discover how to detect malicious threats, prevent phishing attacks, and leverage threat intelligence to protect your infrastructure.

3 min readRead
Understanding phishing and how to stay protected
PhishingDec 10, 2024

Understanding phishing and how to stay protected

Phishing is a growing cybersecurity threat that tricks individuals into providing sensitive information. Learn how to identify phishing attempts and implement strategies to stay safe online.

3 min readRead

Expert Threat Intelligence Analysis

Our blog features in-depth analysis from our threat research team. Each article is backed by real data from our analysis of millions of malicious domains, IPs, and URLs across the global threat landscape. Topics include ransomware campaigns, phishing techniques, malware distribution networks, and emerging threat trends. We publish actionable intelligence that security teams can immediately use to improve their defenses.

Practical Security Guidance

Beyond threat analysis, we share practical guidance for security practitioners. Our tutorials cover API integration, SIEM configuration, threat hunting techniques, and building effective threat intelligence programs. Whether you're a SOC analyst, security engineer, or CISO, you'll find content tailored to your role and experience level.

Stay Ahead of Emerging Threats

The threat landscape evolves constantly. Our blog keeps you informed about the latest attack techniques, newly discovered vulnerabilities, and emerging threat actors. Subscribe to our newsletter for weekly digests of the most important developments in cybersecurity.

Subscribe to Our Newsletter

Weekly threat intelligence insights delivered to your inbox.