Security News > 2025 > April > Tycoon2FA phishing kit targets Microsoft 365 with new tricks

Tycoon2FA phishing kit targets Microsoft 365 with new tricks

2025-04-12 15:16

Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. [...]

News URL

https://www.bleepingcomputer.com/news/security/tycoon2fa-phishing-kit-targets-microsoft-365-with-new-tricks/

#365 #microsoft #phishing

Related news

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
Microsoft: Licensing issue blocks Microsoft 365 Family for some users (source)
ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 (source)
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
Attackers phish OAuth codes, take over Microsoft 365 accounts (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		383	52	1433	2957	180	4622

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.