DomainTools
👔We’ve analyzed a highly sophisticated Adversary-in-the-Middle (AiTM) phishing kit targeting Microsoft 365 & Entra ID. Active since Dec 2025, it smoothly bypasses traditional MFA (SMS, TOTP, Push). Read the investigation here:http://dti.domaintools.com/securitysnacks/securitysnack-hijacking-corporate-sessions
#Cybersecurity #MFA #InfoSec
DomainTools Investigations | SecuritySnack - Hijacking Corporate Sessions

DomainTools dissects an AiTM phishing kit targeting Microsoft 365/Entra ID: CAPTCHA cloaking, corporate email harvest, and MFA-bypassing cookie theft.

Jun 5 at 6:30pmWeb