Digital Crumbs: Exploiting Entra ID’s Session Cookies to Breach Microsoft 365
Digital Crumbs: Exploiting Entra ID’s Session Cookies to Breach Microsoft 365 In a recent wave of sophisticated cyberattacks, security researchers uncovered a stealthy campaign dubbed “Cookie Bite,” which targets Microsoft Entra ID (formerly Azure Active Directory) to compromise Microsoft 365 accounts. The attackers abuse OAuth and session tokens to bypass multi-factor authentication (MFA) protections and […]
Beware of Malicious Campaigns with HR and Target Employee Trust
Beware of Malicious Campaigns with HR and Target Employee Trust Cybercriminals are taking advantage of Q1 performance evaluations by sending HR-themed phishing emails that impersonate “Human Capital” departments. These deceptive messages create a false sense of urgency and authority, prompting employees to click on malicious links leading to a JotForm survey and a fake Microsoft […]
PoisonSeed – A Sophisticated Phishing Campaign Seeks Extensive Crypto Theft
PoisonSeed – A Sophisticated Phishing Campaign Seeks Extensive Crypto Theft PoisonSeed is a sophisticated phishing campaign uncovered by threat analysts, targeting enterprise organizations, VIPs, and cryptocurrency holders. Active in March 2025, it exploits CRM and bulk email providers like Mailchimp, SendGrid, and HubSpot to steal email lists and distribute spam. This includes a unique phishing […]
Surge in Real Estate Scams Across the Middle East
Surge in Real Estate Scams Across the Middle East A new wave of real estate scams has emerged across the Middle East, targeting individuals and businesses seeking to invest in property. Cybercriminals are using fake property listings, fraudulent investment schemes, and phishing attacks to deceive victims into transferring large sums of money. These scams are […]
Phishing Campaign Abuses Webflow CDN & CAPTCHAs to Steals Credit Card Data
Phishing Campaign Abuses Webflow CDN & CAPTCHAs to Steal Credit Card Data A recent cybersecurity report reveals a sophisticated phishing campaign that exploits the Webflow CDN and deceptive CAPTCHA images to steal credit card data. Attackers employ search engine optimization (SEO) tactics to drive victims to malicious PDFs, which lead them through a fake CAPTCHA […]