WeLiveSecurity

EvilTokens: A phishing attack that doesn’t steal your password

A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing ...
DevPro Journal

Protect your development team from advanced phishing

New phishing-as-a-service platforms target devs by hijacking legitimate sessions. Discover how to build a resilient security ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Dark Reading

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

In the wake of a major takedown of phishing's biggest brand name, Tycoon 2FA, phishers worldwide have scattered. Some have stuck around, but many have moved to other phishing service providers, and ...