A concise but sophisticated phishing campaign that targeted AWS console users by abusing Cloudflare-hosted domains to deliver adversary-in-the-middle (AiTM) credential theft. Each domain served an almost identical clone of the AWS console sign-in page and implemented a server-driven flow that dynamically branched into email, SMS, or authenticator-app MFA challenges, enabling real-time capture of second factors. […]
The post Hackers Abuse Cloudflare-Hosted AWS Phishing Domains to Steal Console Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: