Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365

An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history.

From that one lapse, French security firm Lexfo lifted the operator’s entire toolkit and pivoted through it to two more

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 01.07.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 377 requests (recent log) 165.22.226.40 — 81 requests (recent log) 216.73.216.215 — 68 requests (recent

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about

Why I email complete strangers

Why I email complete strangers Source: Hacker News