Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...

Google’s spam update vs. AI affiliate sites: An SEO experiment

An experiment with AI affiliate sites shows how Google’s spam systems treat low-trust, programmatic SEO — and why it can’t stand alone.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Nigerian CommunicationWeek

Kaspersky Discovers New Phishing Campaign Exploiting Google Tasks Notifications to Steal Corporate Credentials

Kindly share this postKaspersky has uncovered a new phishing scheme that abuses legitimate Google Tasks notifications to ...