SessionShark Steals Session Tokens to Slip Past Office 365 MFA
Security researchers here at SlashNext recently uncovered a promotional image on a cybercrime network showcasing a service called “SessionShark O365
April 24, 2025
Category: Social Engineering
Xanthorox AI – The Next Generation of Malicious AI Threats Emerges
The Next Evolution in Black-Hat AI A new player has entered the cybercrime AI landscape – Xanthorox AI, a malicious
April 7, 2025
How Attackers Abuse Trusted Cloud Apps—and Why URL Analysis Matters
It’s no secret that cybercriminals love to exploit our trust in well-known brands. From big-name retailers to popular online services,
March 20, 2025
From Phishing to Vishing – Modern Social Engineering Attacks
Phishing attacks have moved beyond simply sending emails with malicious links to incorporate more modern social engineering techniques, including the
March 10, 2025
Astaroth: A New 2FA Phishing Kit Targeting Gmail, Yahoo, AOL, O365, and 3rd-Party Logins
Phishing attacks continue to evolve, pushing even the most secure authentication methods to their limits. First advertised on cybercrime networks
February 13, 2025
Devil-Traff: A New Bulk SMS Platform Driving Phishing Campaigns
Employees in most organizations receive countless communications daily—emails, Slack messages, or ticket updates, for example. Hidden among these routine interactions
January 29, 2025
Is That Really ProtonMail? New Credential Harvesting Threats Targeting Cloud Apps
Imagine sipping your morning coffee, scrolling through your inbox, when a seemingly innocent ProtonMail message catches your eye. But this
January 22, 2025
Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics
Have you ever had your lunch interrupted by a sudden barrage of security alerts? That’s exactly what happened to one
January 13, 2025
Multi-Channel Threat Blindspot Will Leave Your Organization Vulnerable to Breach
In today’s hyper-connected world, modern workers rely on a multitude of communication and collaboration tools to get work done efficiently.
June 12, 2024
Sophisticated Smishing Compromises Employee Accounts, Accesses Corporate Gift Card Systems
We at SlashNext want to draw attention to the alarming trend of cybercriminals exploiting advanced techniques to target retail corporations,
May 15, 2024