In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five...
The New Phishing Click: How OAuth Consent Bypasses MFA
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365...
Author: The Hacker News
Read Original Article