Fable Security

Human risk, meet your match. Cybersecurity. From Jim in Receivables.

Read more about the incident: fablesecurity.com/resources/blog…

Microsoft 365 accounts are being targeted with OAuth device code phishing, avoiding passwords and MFA to steal session tokens. We break down the attack and share a short, free, downloadable video you can send to employees. Watch now: youtu.be/u4v6CLcwmio

@NordPass @NordStellar Read NordPass’s article: nordpass.com/most-common-pa…  Check out our human risk playbook: fablesecurity.com/resources/blog…

Myth: younger generations are better at cybersecurity.  Reality: password habits say otherwise.  “123456” is still the most common password across generations, per @NordPass + @NordStellar.  Strong, unique passwords + MFA still matter. A lot. Resources to protect your data 👇

When 86% of CISOs expect AI-driven threats to rise, you pay attention to the teams building the next layer of defense. Cheers to the companies and founders highlighted in the early stage category of this year’s Cyber 60, our annual list with @FortuneMagazine and @awscloud, recognizing the 60 most innovative and fastest-growing companies in cybersecurity. 7AI Co-Founder and CEO @LiorDiv @AdaptiveSec Co-Founder and CEO @BrianCLong @AndromedaSec Co-Founder and CEO Murali Basavaiah Clutch Security Co-Founder and CEO Ofir Har-Chen @Cogent_Security Co-Founder and CEO @vineete_5 @DropzoneAI Founder and CEO Edward Wu @FableSecurity Co-Founder and CEO Nicole Jiang @GetKoidex Co-Founder and CEO @amitassaraf @LegionSecAI Co-Founder and CEO Ely Abramovitch @Linx_Security Co-Founder and CEO @IsraelDuanis Litt Co-Founder and CEO Yossi Torati @OasisSec Co-Founder and CEO Danny Brickman @Outtake_ai Founder and CEO @adylon7 @P0Security Co-Founder and CEO @shashwatsehgal @ProphetSec Co-Founder and CEO @kdshah @StraikerAI Co-Founder and CEO @ankurdotshah Vega Co-Founder and CEO Shay Sandler @VirtueAI_co Co-Founder and CEO @uiuc_aisecure WitnessAI Co-Founder and CEO Rick Caccia @ZenitySec Co-Founder and CEO @benkliger #Cyber60 lsvp.com/cyber60-2025-2…

Will 2026 be the year #cybersecurity finally masters behavior change? Nicole Jiang of @FableSecurity says #security will adopt #Adtech tactics—using real-time signals & personalized nudges to turn "weak links" into strong defenses. Read: vmblog.com/archive/2025/1… #predictions

And on the last day of Riskmas, we leave you with this: some risks travel together, creating toxic combinations that quietly amplify exposure. So, find the overlap, prioritize the toxic combos, and zap risk. Read now: na2.hubs.ly/H02MZnP0

Technically Christmas is over. But Riskmas is still in full swing.  In our second-to-last blog of the series, we focus on how important targeting is in human risk campaigns.  Learn how targeted campaigns have better engagement and lead to lasting change: na2.hubs.ly/H02MW210

Curious what this means for security teams next year? Read Fable CEO Nicole Jiang’s take on what will change in cybersecurity in 2026 in Cyberwire’s article: thecyberwire.com/stories/5a2a95…

Security tends to treat human behavior as immutable. In 2026, that'll change. Cybersecurity is adapting to what other industries have known for years: behavior changes when the message is targeted, relevant, and timely. The shift is starting, and we’re pushing it forward. 🧵

Metrics should do more than decorate dashboards. Real risk involves behavior, context, speed, and durability. Not vanity metrics like phishing click rates or training completions. More details in today’s post: na2.hubs.ly/H02MlWc0

@lightspeedvp @FortuneMagazine @awscloud Thank you @lightspeedvp ! Honored to make the list

Learn more about toxic risk combinations: fablesecurity.com/resources/blog…

Not all human risks fly solo. When two or more risks overlap more than you’d expect by chance, we call that a toxic combination. Learn more about toxic combos, risk lift, and how this info can help your targeted behavior campaigns 👉

Read the report: fablesecurity.com/resources/blog…

Who’s really pushing the limits with generative AI? Tech teams. By a lot. Our research shows employees aren’t just playing around, they’re uploading real code, documents, and potentially sensitive work. Innovation moves fast. It’s time to help risk guardrails keep up.

📉 What’s the half-life of a security campaign? Find out here: fablesecurity.com/resources/blog…

You fixed the behavior. 🎉 But did it stick? Behavior decay reveals how fast people drift back to risky habits once a campaign ends. 👉 Lasting change needs relevant guidance + ongoing monitoring before the risk comes back.  Check out day 7 of riskmas to learn more.  ➡️

Phishing campaigns on autopilot? Yes, please.  Recurring phishing simulations in Fable let you automate campaigns for up to a year—no constant setup, no busywork—so your team can focus on the strategic stuff.  Read more: na2.hubs.ly/H02F48B0

Read the full breakdown: fablesecurity.com/resources/blog…

From riskmas to risqué-mas, we’ve learned a lot this holiday season.  An uncomfortable and clear reminder from the Mixpanel breach: Pornhub data exposure can quickly turn into a human and workplace security issue. Full breakdown + a free <2-min video below 👇