🚨 #Tykit phishing kit is targeting hundreds of US & EU companies, stealing Microsoft 365 credentials using malicious SVG files and bypassing MFA through AitM attacks.
Learn how this #PhaaS works, who's being targeted, and how to defend your organization: https://any.run/malware-trends/tykit/?utm_source=mastodon&utm_medium=post&utm_campaign=tykit_mtt&utm_term=080126&utm_content=linktomtt
🚨 #Tykit phishing kit is stealing Microsoft 365 credentials using malicious SVG files and bypassing MFA through #AitM attacks.
Learn how this #PhaaS works, who's being targeted, and how to defend your organization: https://any.run/malware-trends/tykit/?utm_source=mastodon&utm_medium=post&utm_campaign=tykit_mtt&utm_term=031125&utm_content=linktomtt
🕵️♂️ #Tykit phishkit targeting hundreds of US & EU companies exposed.
Multi-stage attack uses SVG redirects and /api/validate C2 calls to steal Microsoft 365 creds.
Detected and traced in #ANYRUN’s sandbox within minutes.
Read the full analysis & get IOCs: https://any.run/cybersecurity-blog/tykit-technical-analysis/?utm_source=mastodon&utm_medium=post&utm_campaign=tykit&utm_term=311025&utm_content=linktoblog
🚨 From fake Google Careers pages to Figma phishing, attackers continued to exploit trusted platforms at scale in October.
See all major cyber attacks & threats over the past 30 days, including #LockBit 5.0 and the new #Tykit phishing kit ⬇️
https://any.run/cybersecurity-blog/cyber-attacks-october-2025/?utm_source=mastodon&utm_medium=post&utm_campaign=cyberattacks-october2025&utm_term=291025&utm_content=linktoblog
🚨 We uncovered #Tykit, a new #phishing kit targeting hundreds of US & EU companies in finance, construction, and telecom.
It uses SVG-based delivery to harvest Microsoft 365 credentials ⚠️
See full analysis, how to detect it, and gather #IOCs: https://any.run/cybersecurity-blog/tykit-technical-analysis/?utm_source=mastodon&utm_medium=post&utm_campaign=tykit&utm_term=211025&utm_content=linktoblog
ANY.RUN
The Threat Codex