News

Double check your Microsoft 365 and Google accounts - this VoidProxy phishing service is hitting them hard

Attacks begin from compromised email addresses and use fake login pages hosted on disposable domains Phishing kits now include automation, support, and GenAI-enhanced content, making campaigns more ...
Hosted on MSN

Hackers are stealing Microsoft 365 accounts by abusing link-wrapping services

Crooks are using link wrapping services to entice victims into clicking The links redirect the victims to a fake Microsoft 365 landing page The campaign has been going on for at least two months ...
Bleeping Computer

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. The adversary ...
Bleeping Computer

Attackers exploit link-wrapping services to steal Microsoft 365 logins

A threat actor has been abusing link wrapping services from reputed technology companies to mask malicious links leading to Microsoft 365 phishing pages that collect login credentials. The attacker ...