SecBoard
Zurück zur Übersicht
ManagerRed-TeamerAD & Identity

The New Phishing Click: How OAuth Consent Bypasses MFA

The Hacker News·
Originalartikel lesen bei The Hacker News

In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking them to enter a short code at...

MITRE ATT&CK Kill Chain (1 Techniken)

Initial Access
T1566

Phishing

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

Dark Reading·vor etwa 1 Stunde

Charter confirms data breach after ShinyHunters extortion threat

BleepingComputer·vor etwa 1 Stunde

The Hackers Behind Shai-Hulud: Lucky or Skilled?

Dark Reading·vor etwa 1 Stunde

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Hacker News·vor etwa 5 Stunden

Identifying People Using Wi-Fi Routers

Schneier on Security·vor etwa 6 Stunden