Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

Read full story on The Hacker News
Share
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
AI disclosure

Summary

An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history. From that one lapse, French security firm Lexfo lifted the operator's entire toolkit and pivoted through it to two more

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.