A multi-organization phishing campaign attributed to the CodeStorm family is actively targeting Microsoft 365 tenants with a tenant-aware AiTM (adversary-in-the-middle) phishing kit that combines rotating frontends and backend replay behavior under a stable controller path, /google.php. The human recipient rarely scrolls to that dummy conversation, but automated secure email gateways frequently do; the added “conversation […] The post CodeStorm Phishing Campaign Targets M365 Tenants With Token Reuse and Replay Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/codestorm-phishing-campaign-targets-m365/
