The “SessionShark” phishing toolkit circumvents Microsoft Office 365’s multi-factor authentication (MFA) by stealing session tokens. Marketed as phishing-as-a-service, it targets low-skilled attackers with realistic replicas of login interfaces and advanced evasion techniques. The toolkit alerts attackers in real-time when credentials are submitted, underscoring the need for enhanced security measures beyond MFA to combat evolving threats in cloud environments.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
