LayerX Labs

Blog Post

LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users

A new phishing attack campaign, targeting Mac users and identified by LayerX Labs, shows the trials and tribulations of combating online phishing, and how attacks morph and shift in response to adaptations by security tools. For the past few months, LayerX has been monitoring a sophisticated phishing campaign that initially targeted Windows users by masquerading […]

Blog Post

The Enterprise GenAI Data Security Report 2025: How Enterprises Consume GenAI Tools

GenAI has become an essential component in the employee toolkit. Yet, going beyond bombastic headlines such as these, actual quantitative data about how AI applications are being used remains surprisingly scarce. At LayerX, our enterprise browser extension provides us with visibility into users’ activities in the browser, where GenAI application usage takes place. We can […]

Blog Post

Attack Campaign Targeting Browser Extensions: What Happened, Who’s Impacted, How to Protect Yourself, and How LayerX Can Help (Rolling Updates)

Blog Post

How a Simple DocuSign Email Could Have Cost Us Everything: A Close Call with Phishing

During the past few weeks, LayerX Labs identified a phishing campaign that impersonates legitimate DocuSign emails, attempting to trick victims into revealing sensitive information. Here’s what happened, and how LayerX prevented a potential security disaster. It started like any other Monday morning. Sarah, a senior account manager (a fictional character for illustration purposes), was going […]

Blog Post

LayerX Labs Identifies New AI Attack Vector: GPT Masquerading Attacks

LayerX Labs has identified a novel attack vector for malicious actors to try and extract sensitive data from unsuspecting users: GPT Masquareding Attacks.  In this attack, hackers impersonate legitimate GPTs hosted on OpenAI’s ChatGPT platform in order to lure users to fake versions of those GPTs and send the data that users share with the […]

Blog Post

LayerX Labs Identifies New Zero-Hour Phishing Attack Mimicking Microsoft Security Notifications

LayerX Labs identified a new zero-day phishing campaign that impersonates Microsoft security notifications to lure victims into sharing their login credentials and payment details.  The attack mimics a Microsoft Windows Defender security alert, urging users to call a hotline number, enter their credentials, and provide payment to the call center to ‘secure’ their computer.  This […]

Blog Post

Malicious iPhone application distributed using sophisticated desktop malvertising campaign

In the last few years, both attackers and defenders have increased their capabilities in the infinite cat-and-mouse game. Attackers have scaled their phishing operations for stealing credentials and identities. Defenders have adopted a zero trust security approach in which users often use their mobile devices to authenticate into their desktop applications. The chase goes on. […]