Cybersecurity Insights Archives

What looks like a harmless calendar invite can be a hidden delivery system.
Attackers are now embedding base64-encoded HTML payloads inside .ics files — turning “urgent meeting” requests into stealth phishing and credential traps. In this week’s #PacketHunters, we dissect how HTML smuggling works inside calendar invites, how different mail clients handle it, and how to simulate it safely before the attackers do.

Cybersecurity Insights

Decoded – Nerd Thoughts: from dumpster dives to AI traps

Cybersecurity Insights / Claudia Galingani Mongini

October isn’t just another month. It’s Cybersecurity Awareness Month, promoted worldwide by agencies like CISA in the US and ENISA in Europe. Their message is simple but urgent: cybersecurity is not just an IT problem, it’s a people problem.Awareness saves systems, organizations, and sometimes entire communities. At Baited, we believe the same – but with

Cybersecurity Insights Phishing Awareness

Your wrist is a vault.. until the vault leaks!

Cybersecurity Insights, Phishing Awareness / Claudia Galingani Mongini

Your smartwatch isn’t just counting steps, it’s quietly building a map of your life. Every heartbeat, sleep cycle, and GPS ping is logged across different apps and clouds, each one a potential breach point. When attackers combine those leaks with phishing emails that mimic trusted brands, the result is more than stolen data: it’s identity exposure, targeted scams, and a perfect playbook for social engineering.

Customer Stories / Case Studies Cybersecurity Insights

Challenges of Building an AI system for Phishing Simulation

Customer Stories / Case Studies, Cybersecurity Insights / Francesco Baccaro

In today’s rapidly evolving threat landscape, it is important to integrate innovative security solutions to mitigate new attack trends. One area of innovation involves leveraging multi-modal large language models (LLMs) to simulate more realistic attack scenarios. However, building and deploying such sophisticated systems, especially for activities like phishing simulation, presents a unique set of challenges

Cybersecurity Insights

DORA Compliance: Why Social Engineering Tests Are Critical

Cybersecurity Insights / Riccardo Masutti

Social Engineering Simulations Are Essential for DORA Compliance — And Baited Leads the Way If your organization falls under the EU’s Digital Operational Resilience Act (DORA), the time for passive cybersecurity measures is over. DORA is not just another box-ticking compliance framework. It’s a wake-up call to all covered entities across Europe: prepare for real

Cybersecurity Insights

#PacketHunters – HTML smuggling in Calendar invites (aka the .ics you didn’t inspect)

Decoded – Nerd Thoughts: from dumpster dives to AI traps

Your wrist is a vault.. until the vault leaks!

Challenges of Building an AI system for Phishing Simulation

DORA Compliance: Why Social Engineering Tests Are Critical