Darktrace’s Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been exploiting legitimate Software-as-a-Service (SaaS) platforms like Milanote to orchestrate sophisticated phishing campaigns. These attacks, bolstered by the Tycoon 2FA phishing kit, demonstrate an advanced Adversary-in-the-Middle (AiTM) approach that circumvents multi-factor authentication (MFA) protections. Leveraging Legitimate Services for Stealthy Attacks By abusing […] The post AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/aitm-phishing-kits-bypass-mfa-by-hijacking-credentials/
