The threat actor known as PoisonSeed, loosely affiliated with groups like Scattered Spider and CryptoChameleon, has deployed an active phishing kit designed to circumvent multi-factor authentication (MFA) and harvest credentials from individuals and organizations. This kit, operational since April 2025, targets login services of major CRM and bulk email providers such as Google, SendGrid, and […] The post PoisonSeed Phishing Kit Bypasses MFA to Steal Credentials from Users and Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/poisonseed-phishing-kit-bypasses-mfa/
