---
title: "FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News [May 25, 2026] | DuoCircle"
description: "Cybersecurity News: FBI warns of Silent Ransom attacks, Carnival confirms 6M-record breach, GlobalProtect exploits surge, and AI-powered threats grow."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/"
---

Quick Answer

What happened in cybersecurity this week? Key developments included FBI warnings about Silent Ransom attacks on law firms, Carnival's 6-million-record data breach, active GlobalProtect VPN exploits, AI-assisted cyber threats, phishing campaigns, and newly exploited software vulnerabilities.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybersecurity-news-update-week-22-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=FBI%20Warns%20Firms%2C%20Carnival%20Data%20Breach%2C%20GlobalProtect%20Exploits%20Active%20%E2%80%93%20Cybersecurity%20News%20%5BMay%2025%2C%202026%5D&url=undefined%2Fblog%2Fcybersecurity-news-update-week-22-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybersecurity-news-update-week-22-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybersecurity-news-update-week-22-of-2026%2F&title=FBI%20Warns%20Firms%2C%20Carnival%20Data%20Breach%2C%20GlobalProtect%20Exploits%20Active%20%E2%80%93%20Cybersecurity%20News%20%5BMay%2025%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=FBI%20Warns%20Firms%2C%20Carnival%20Data%20Breach%2C%20GlobalProtect%20Exploits%20Active%20%E2%80%93%20Cybersecurity%20News%20%5BMay%2025%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fcybersecurity-news-update-week-22-of-2026%2F "Share via Email") 

![Cybersecurity news](https://media.mailhop.org/duocircle/spf-permerror-5686-1780301891080.jpg) 

Here’s a quick roundup of the most **important cybersecurity stories** from this past week, highlighting major data breaches, active exploits, state-sponsored threats, and emerging scams shaping the [cybersecurity](https://www.duocircle.com/) space right now. ShinyHunters continued its unprecedented rampage against corporate America, the FBI issued a rare physical-intrusion warning about law firm attacks, and [new AI-powered threat groups](https://www.cybersecuritydive.com/news/threat-groups-ai-speed-scale-cyberattacks/812439/) emerged from both Russia and Iran. Here’s everything that happened.

## FBI Warns Law Firms: Silent Ransom Group Is Now Showing Up in Person

Silent Ransom Group, a long-running data extortion operation, is continuing to hi**t U.S.-based law firms** by impersonating IT support and, in some cases, visiting victims in person to gain physical access to computers, the [FBI warned](https://cyberscoop.com/fbi-warning-silent-ransom-group-law-firms/) in an alert issued May 27, 2026.

The Russia-linked extortion gang has escalated to physically walking operatives into law firm offices under the guise of IT support. The gang has already had data from more than 38 firms published on its public [leak site](https://www.techtimes.com/articles/317293/20260527/silent-ransom-group-sends-operatives-law-firm-offices-38-firms-already-leaked.htm), and researchers say the total attack count exceeds 100 with activity **surging sharply in early 2026**.

In this scheme, the threat actor tells the victim they need to image the device or create a backup file to address potential impacts from a [phishing email](https://www.duocircle.com/email/phishing-protection/). Once the threat actor obtains access to the victim’s device, they minimally escalate privileges and quickly pivot to data exfiltration without any ransomware encryption. The lack of encryption makes the attack extremely stealthy and difficult to detect in real time.

![SPF Record Checker 1208](https://media.mailhop.org/duocircle/spf-record-checker-1208-1780302023008.jpg)

## Carnival Cruise Line Notifies Nearly 6 Million Customers of Data Breach

Carnival Corporation, one of the world’s largest cruise operators, confirmed a data breach weeks after the [ShinyHunters hacking group](https://socradar.io/blog/shinyhunters-breach-instructure-students-teachers/) claimed it had stolen millions of customer records. Carnival acknowledged a phishing incident involving a **single employee account** and stated that it was investigating the scope of the unauthorized activity.

Carnival began issuing formal breach notification letters on May 27, 2026, nearly six weeks after the incident was confirmed, alerting an estimated 6 million affected individuals across the United States. The company said it has determined that names, email addresses, phone numbers, dates of birth, and driver’s license and passport numbers were included in the impacted data. Carnival is offering two years of **free credit monitoring** for affected customers.

This marks yet another entry in Carnival’s troubling cybersecurity track record, which includes [ransomware attacks](https://www.k12dive.com/news/ransomware-attacks-against-education-sector-slow-worldwide/811133/) and multiple phishing incidents dating back to 2019.

## Palo Alto PAN-OS GlobalProtect Auth Bypass Now Actively Exploited

[Palo Alto Networks](https://thehackernews.com/2026/05/pan-os-globalprotect-authentication.html) has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 (CVSS score: 7.8), could be exploited by bad actors to set up unauthorized VPN connections by bypassing the GlobalProtect portal and **gateway authentication**.

CISA added the vulnerability to the Known Exploited Vulnerabilities **catalog on May 29, 2026**. The practical risk is direct: a vulnerable GlobalProtect portal or gateway can let an attacker establish an unauthorized VPN connection, which can then become the starting point for internal reconnaissance, credential theft, and lateral movement.

Rapid7 MDR confirmed exploitation in multiple customer environments. Analysts observed that the [Cloud Authentication Service (CAS)](https://www.okta.com/identity-101/central-authentication-service/) was disabled and authentication override cookies were enabled in compromised systems, consistent with [CVE-2026-0257](https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/). A second wave of exploitation was observed on May 21, believed to originate from the same [threat actor](https://www.duocircle.com/blog/email-security/what-threat-actor-can-do-with-your-emails-without-password/).

## FortiClient EMS Flaw Exploited to Deliver Fake Patch Hiding New Credential Stealer

In May 2026, **Arctic Wolf observed** a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer.

![Sender Policy Framework 1211](https://media.mailhop.org/duocircle/sender-policy-framework-1211-1780302365868.jpg)

The campaign exploited CVE-2026-35616, a critical **pre-authentication API access** bypass with a CVSS score of 9.1\. The malware called EKZ Infostealer can extract credentials from Chrome, Microsoft Edge, and Firefox, including techniques that bypass Chrome’s encrypted password storage mechanisms.

_The attacker disguised the malware as an update for Fortinet endpoints and executed it through VPN scripting workflows managed by FortiClient_. One telltale sign of exploitation is the presence in logs of the line “Certificate not found in request header,” followed seconds later by a certificate update entry.

## Russia-Linked GREYVIBE Uses ChatGPT and Gemini to Supercharge Attacks on Ukraine

A previously undocumented [Russia-linked threat group](https://cybermagazine.com/news/how-russian-threat-actors-use-dns-hijacking-to-spy-on-you) tracked as GREYVIBE has been weaponizing generative AI tools including ChatGPT, Google Gemini, and Ideogram AI across almost every stage of persistent cyberattacks against Ukrainian military, government, civilian, and business entities since at **least August 2025**, according to research by WithSecure.

WithSecure researchers are confident in their attribution to Russian-speaking operators in the Moscow time zone, but are less certain whether the group is cybercriminal, nation-state, or a mix of the two. Researchers warn that **GREYVIBE’s extensive use** of AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate.

GREYVIBE ran multiple campaigns including PhantomMail, which used spear-phishing lures impersonating Ukrainian government and emergency entities; PhantomClick, which [used fake CAPTCHA pages](https://www.trendmicro.com/en%5Fus/research/25/e/unmasking-fake-captcha-cases.html) to trick victims into executing malicious commands; and PrincessClub, which deployed fake Ukrainian adult and dating websites to deliver [Android spyware](https://www.malwarebytes.com/blog/news/2025/12/new-android-malware-lets-criminals-control-your-phone-and-drain-your-bank-account) and Windows RATs. Operators used fake female Telegram personas to build trust with military targets in Kharkiv before directing them to lure sites.

## ChatGPhish: New Vulnerability Turns ChatGPT Into a Phishing Weapon

Cybersecurity researchers disclosed details of a vulnerability in OpenAI’s ChatGPT that leverages the AI assistant’s implicit trust in Markdown links and images to trigger prompt injections and open the door to phishing attacks. The technique was [codenamed ChatGPhish](https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html) by Permiso Security.

Researcher Andi Ahmeti submitted the vulnerability to OpenAI via Bugcrowd on April 29, 2026\. After follow-up communications, the research was **published on May 29, 2026**. At the time of publication, Ahmeti had not received confirmation from OpenAI on whether a fix had been applied meaning the chatbot may still be vulnerable. _Users should be very cautious when asking ChatGPT to summarize third-party web pages_.

In a realistic attack scenario, a bad actor can append a small payload to any web page, and when a victim prompts ChatGPT to summarize that page, the attacker receives the **victim’s IP address**, browser User-Agent, and Referer details through the embedded malicious Markdown images.

## Hackers Claim 340 Million OnlyFans User Records For Sale

Threat actors claimed they are selling [340 million OnlyFans](https://cybernews.com/security/onlyfans-mega-data-leak-hackers-claim/) user records including emails, usernames, and account activity metrics. If confirmed, the mega-leak could expose the real identities of OnlyFans creators and subscribers who value anonymity on the platform.

![Spf Record 1209](https://media.mailhop.org/duocircle/spf-record-1209-1780302707445.jpg)

However, a closer look raises serious doubts. While the attackers present the finding as a major information exposure, technical analysis indicates the material does not stem from a new vulnerability the data appears to correspond to an aggregation of leaks **from August 2025** and prior public sources. OnlyFans itself denied any breach: “According to the available information, these reports are false,” a company spokesperson told Cybernews.

Still, even recycled breach data compiled with public profile information poses real phishing and [identity-linking risks](https://www.cybersecuritydive.com/news/cloud-security-identity-attacks-reliaquest/804621/) to the platform’s millions of users.

## FBI Warns of Fake FIFA 2026 World Cup Websites Stealing Fan Data

Threat actors are actively launching spoofing campaigns targeting FIFA-themed websites ahead of the 2026 FIFA World Cup, according to a **Public Service Announcement** issued by the FBI on May 27, 2026\. The campaign is designed to exploit global interest in the tournament by deceiving users into interacting with fraudulent domains that closely mimic the official FIFA website, harvesting [personally identifiable information](https://www.ibm.com/think/topics/pii) including names, addresses, phone numbers, email credentials, and financial data.

Group-IB’s investigation uncovered a large fraud ecosystem including more than 4,300 fake domains [impersonating FIFA websites](https://www.infosecurity-magazine.com/news/ghost-stadium-fifa-world-cup-fraud/), six separate fraud schemes, and four independent threat actor groups. At the center was a Chinese-speaking group called “GHOST STADIUM,” which operated more than 300 phishing domains designed to mimic FIFA’s official website.

The phishing kit clones FIFA’s login system by silently redirecting victims back to the real FIFA website after stealing their credentials making the interaction appear to be a successful login. Any legitimate tickets associated with the compromised account can then be resold. Fans are urged to only access [www.fifa.com](http://www.fifa.com) by typing it directly in their browser.

## Fake Anthropic Websites Targeting Claude Code Users With Fileless Infostealer

_A new threat intelligence report by security research firm Cyderes exposed an active credential theft campaign targeting users of Anthropic’s Claude Code tool_. The attack begins with SEO poisoning when a user searches for how to install the software, they are taken to a spoofed Anthropic page. They are then instructed to open the **Windows Run dialog box and paste** a malicious mshta.exe command, a classic ClickFix lure that helps attackers establish hands-on keyboard execution to bypass automated sandbox analysis.

![Spf Validator 4588](https://media.mailhop.org/duocircle/spf-validator-4588-1780398379278.jpg)

Once executed, the [infostealer accesses](https://hackread.com/fake-anthropic-sites-fileless-infostealer-claude-code-users/) the browser credential store to steal saved data, then connects to a command-and-control server routing directly to Russian infrastructure. Cyderes confirmed that Anthropic itself has not been compromised. **Defenders are advised** to block wildcard queries to.oakenfjrod.ru and monitor outbound connections from mshta.exe.

## Verizon DBIR 2026: Credential Theft Surges, AI-Assisted Attacks Rise Sharply

_Verizon released its 2026 Data Breach Investigations Report, providing an authoritative analysis of the latest cyber threats and data breach trends_. The report’s data covers incidents between November 1, 2024, and October 31, 2025.

Threat intelligence reports in 2026 show attackers moving faster than ever some [cybercriminal groups](https://www.techradar.com/vpn/vpn-privacy-security/fbi-confirms-25-ransomware-groups-using-first-vpns-now-seized-services-heres-what-we-know) can break into networks and begin spreading laterally in under 30 seconds. AI-assisted attacks are rising sharply, and zero-day vulnerabilities are being exploited faster than security teams can respond. The **DBIR reaffirmed** that many of the biggest breaches of the year were not unstoppable attacks they were preventable failures rooted in skills gaps, weak identity controls, and poor third-party risk management.

## CISA Flags LiteSpeed and Daemon Tools Vulnerabilities as Actively Exploited

The [US Cybersecurity and Infrastructure Security Agency (CISA)](https://en.wikipedia.org/wiki/Cybersecurity%5Fand%5FInfrastructure%5FSecurity%5FAgency) added multiple new flaws to its Known Exploited Vulnerabilities catalog this week, including vulnerabilities in Daemon Tools, TanStack, and Nx Console, as well as a separate flaw in the [LiteSpeed cPanel Plugin](https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html). Federal civilian agencies were issued mandatory remediation deadlines. Organizations using these tools are strongly urged to patch immediately, as **CISA’s KEV additions** signal confirmed in-the-wild exploitation rather than theoretical risk.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  news  Cisco SD-WAN Flaw, Critical NGINX Exploit, Foxconn Ransomware Attack – Cybersecurity News \[May 11, 2026\]  May 18, 2026 ](/blog/cybersecurity-news-update-week-20-of-2026/)[  news  GitHub Code Leak, 7-Eleven Breached, NYC Patient Exposure – Cybersecurity News \[May 18, 2026\]  May 25, 2026 ](/blog/cybersecurity-news-update-week-21-of-2026/)[  news  DentaQuest Data Leak, Cisco Patch Pending, Instagram Security Bug – Cybersecurity News \[June 01, 2026\]  Jun 8, 2026 ](/blog/cybersecurity-news-update-week-23-of-2026/)[  news  Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News \[June 08, 2026\]  Jun 15, 2026 ](/blog/cybersecurity-news-update-week-24-of-2026/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News [May 25, 2026]","description":"Cybersecurity News: FBI warns of Silent Ransom attacks, Carnival confirms 6M-record breach, GlobalProtect exploits surge, and AI-powered threats grow.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/","datePublished":"2026-06-01T00:00:00.000Z","dateModified":"2026-06-01T00:00:00.000Z","dateCreated":"2026-06-01T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-permerror-5686-1780301891080.jpg","caption":"Cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"news"},{"@type":"ListItem","position":3,"name":"FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News [May 25, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"news","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News [May 25, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News [May 25, 2026]","description":"Cybersecurity News: FBI warns of Silent Ransom attacks, Carnival confirms 6M-record breach, GlobalProtect exploits surge, and AI-powered threats grow.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/","datePublished":"2026-06-01T00:00:00.000Z","dateModified":"2026-06-01T00:00:00.000Z","dateCreated":"2026-06-01T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-22-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-permerror-5686-1780301891080.jpg","caption":"Cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```