A misconfigured server in Budapest exposed a live phishing operation built to bypass Microsoft 365 multi-factor authentication and retain access to compromised accounts. The server, hosted at 185.163.204[.]7185.163.204[.]7185.163.204[.]7, was running python3 -m http.server 8080 with directory listing enabled, making its operational files publicly accessible. Researchers found phishing configurations, Telegram session artifacts, credential logs, RMM installers, […]
The post Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: