This article has been indexed from The Hacker News
A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks.
According to penetration tester and security researcher, who goes by the handle mrd0x_, the method takes advantage of third-party single sign-on (SSO) options
Read the original article: New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable