Security News > 2025 > April > Tycoon2FA phishing kit targets Microsoft 365 with new tricks

2025-04-12 15:16
Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. [...]
News URL
Related news
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Microsoft: Licensing issue blocks Microsoft 365 Family for some users (source)
- ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)
- Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 (source)
- Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
- Attackers phish OAuth codes, take over Microsoft 365 accounts (source)