A sophisticated phishing campaign targeting Microsoft Office 365 users has emerged, combining several advanced techniques to evade detection and harvest credentials. The attack, identified in early April 2025, leverages encrypted HTML files, content delivery networks (CDNs), and malicious npm packages in a multi-stage approach that cybersecurity experts describe as unusually complex for typical phishing operations. […]
The post New Microsoft O365 Phishing Attack Uses AES & Malicious npm Packages to Steal Login Credentials appeared first on Cyber Security News.
This article has been indexed from Cyber Security News