The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.

Hackers hijack .arpa domain for phishing scams — hosting malicious websites and domains where no one can spot them

New phishing attacks weaponize the internet’s backbone using .arpa domains and clever tricks to evade security systems ...