GitHub Trends
Project Radar
- Blue tool: 0xDanielLopez/TweetFeed · Repo · 650 stars
- Blue tool: 1am-krishna-2407/phishing_detection · Python · 0 stars
- Red tool: Bd-Mutant7/Phishing-Simulation-Tool · EJS · 9 stars
Issue Desk · April 26, 2026 · 13 live stories
Independent Editorial Desk
Defender Focus · Research / Trends / Awareness
PhishPond tracks campaign evolution, detection engineering patterns, and practical mitigation lessons across email, identity, and browser-centric attack surfaces.
Red Team Lens
Campaign tradecraft, lure mechanics, infrastructure abuse, identity pressure, and adversary workflows worth modeling.
8 red-team reads
Blue Team Lens
Detection engineering, user reporting, authentication controls, and response playbooks security teams can operationalize.
5 blue-team reads
GitHub Trends
Lead Story
Passkey rollouts are becoming a practical answer to credential replay, but deployment quality still depends on device trust, exception handling, and user recovery workflows.
Enterprise identity teams are treating phishing-resistant authentication as an operating control, not a future-state roadmap item.
Read more: BleepingComputer
Live Collection
The item intersects with phishing defense and may be useful for watch lists or awareness updates.
Read more: BleepingComputer
Phishing tooling shifts quickly, so defenders benefit from early visibility into kit behavior.
Read more: BleepingComputer
Phishing tooling shifts quickly, so defenders benefit from early visibility into kit behavior.
Read more: The Hacker News
Identity and session abuse can turn a single successful lure into account takeover.
Read more: BleepingComputer
Phishing tooling shifts quickly, so defenders benefit from early visibility into kit behavior.
Read more: Dark Reading
TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains, IPs, and SHA256/MD5 hashes. 650 stars.
Open project: GitHub
#blueteam #malware #malware-detection #malware-research
1am-krishna-2407/phishing_detection is a phishing-adjacent repository. Primary language: Python.
Open project: GitHub
The Cognitive Phishing Immunity Engine (CPIE) is a privacy-aware email security system designed to help users safely interact with emails. Instead of only detecting phishing based on technical patterns, CPIE focuses on *human-centric protection* by identifying social-engineering manipulation and guiding user decisions.
Open project: GitHub
Real-time phishing & scam domain blocklist: 130k+ curated threats, 888K+ community, free API, multiple formats. Primary language: HTML. 976 stars.
Open project: GitHub
#anti-phishing #blacklist #blocklist #crypto-scam
Bd-Mutant7/Phishing-Simulation-Tool is a phishing-adjacent repository. Primary language: EJS. 9 stars.
Open project: GitHub
Coverage Streams
Fast-turn reporting on campaigns, lures, infrastructure shifts, and incident patterns.
Macro patterns in identity abuse, session theft, user targeting, and delivery tradecraft.
Telemetry, engineering notes, and workflow improvements for security teams under pressure.
Longer analysis tied to defender outcomes, not just novelty or headline shock value.
Showing attack-pattern coverage.
Field Analysis
Attackers are blending push prompts, urgent collaboration lures, and identity fatigue to move users from suspicion to accidental approval.
Read more: The Hacker News
Field Analysis
Recent package compromises show how developer trust can be abused to harvest credentials and seed downstream phishing risk.
Read more: BleepingComputer, CISA
Field Analysis
Enterprise responders are seeing invoice fraud migrate from bulk spoofing to thread-hijacking and linguistically adaptive payloads.
Read more: BleepingComputer, KrebsOnSecurity
Field Analysis
New phishing kits are pivoting from simple password theft to real-time token capture and replay workflows targeting modern MFA deployments.
Read more: The Hacker News
Field Analysis
Healthcare organizations are experiencing clustered phishing campaigns aligned to regional staffing and patient billing cycles.
Read more: The Hacker News, CISA
Field Analysis
A longitudinal study tracks how lookalike domains and cloned login flows are assembled and rotated across finance-themed phishing clusters.
Read more: The Hacker News
Field Analysis
Investigators report a rise in hidden forwarding and deletion rules used to suppress fraud conversations after initial compromise.
Read more: BleepingComputer
Field Analysis
Attackers continue to abuse trusted domains with weak redirect controls to improve lure trust and reduce user suspicion.
Read more: Microsoft Security Blog