1Password adds phishing-URL pop-up warnings to block credential theft
Security Tool/Service
Summary
Hide ▲
Show ▼
1Password has added built-in protection against phishing URLs, helping users avoid credential theft on malicious login pages. The update adds a pop-up warning when a site looks suspicious, especially on typosquatted domains that try to mimic legitimate pages. That matters because password managers can still be bypassed when users manually type credentials after missing small URL differences. The feature is enabled automatically for individual and family plan users, while enterprise admins can turn it on through Authentication Policies.
Related Happenings
Bitwarden adds passkey login for Windows 11 sign-in
Security Tool/Service
First: 05.03.2026 00:34
Last: 05.03.2026 00:34
Sources 1
About this happening:
**Bitwarden** added **passkey login** for **Windows 11**, expanding passwordless sign-in and reducing phishing exposure for users who store credentials in the vault.
Bitwarden adds passkey login for Windows 11 sign-in
Security Tool/ServiceAbout this happening: **Bitwarden** added **passkey login** for **Windows 11**, expanding passwordless sign-in and reducing phishing exposure for users who store credentials in the vault.
Jinkusu-Starkiller ecosystem shift changes threat-actor operations
Threat Actor Meta
First: 03.03.2026 13:10
Last: 03.03.2026 13:10
Sources 1
About this happening:
**Jinkusu** is marketing **Starkiller** as a phishing-as-a-service platform that proxies live login pages to **bypass MFA** and capture session tokens. The service lets customers...
Jinkusu-Starkiller ecosystem shift changes threat-actor operations
Threat Actor MetaAbout this happening: **Jinkusu** is marketing **Starkiller** as a phishing-as-a-service platform that proxies live login pages to **bypass MFA** and capture session tokens. The service lets customers...
Jinkusu's Starkiller phishing-as-a-service ecosystem commoditizes account takeover
Threat Actor Meta
First: 20.02.2026 22:00
Last: 20.02.2026 22:00
Sources 1
About this happening:
A new phishing-as-a-service operation tied to **Jinkusu** is proxying real login pages through attacker infrastructure, making **MFA bypass** and account takeover easier for low-s...
Jinkusu's Starkiller phishing-as-a-service ecosystem commoditizes account takeover
Threat Actor MetaAbout this happening: A new phishing-as-a-service operation tied to **Jinkusu** is proxying real login pages through attacker infrastructure, making **MFA bypass** and account takeover easier for low-s...
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor Meta
First: 19.02.2026 14:00
Last: 19.02.2026 14:00
Sources 1
About this happening:
The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor MetaAbout this happening: The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
U.S. survey finds high phishing exposure and weak URL-checking habits
Target Trend
First: 25.01.2026 17:17
Last: 25.01.2026 17:17
Sources 1
About this happening:
A **recent 2000-person U.S. survey** found that phishing exposure remains widespread and that many users still skip basic URL checks before clicking, increasing credential-theft r...
U.S. survey finds high phishing exposure and weak URL-checking habits
Target TrendAbout this happening: A **recent 2000-person U.S. survey** found that phishing exposure remains widespread and that many users still skip basic URL checks before clicking, increasing credential-theft r...
Timeline
-
25.01.2026 17:17 2 articles · 4mo ago
1Password adds phishing-URL pop-up warnings
Mitigation Patch Update1Password adds built-in protection against phishing URLs by showing a pop-up when users land on suspicious pages, helping prevent manual credential entry on typosquatted domains. The protection is enabled automatically for individual and family plan users, and enterprise admins can turn it on for company employees through Authentication Policies in the 1Password admin console.
Show sources
- 1Password adds pop-pup warnings for suspected phishing sites — www.bleepingcomputer.com — 25.01.2026 17:17
- 1Password adds pop-pup warnings for suspected phishing sites — www.bleepingcomputer.com — 25.01.2026 17:17