FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
… Device code phishing has seen widespread adoption in 2026, with other threat actors and platforms now using it as part of their phishing campaigns and attacks. …
Search
GitHub links repo breach to TanStack npm supply-chain attack
… TeamPCP was linked to other major supply chain attacks targeting developer code platforms, including PyPI , NPM , GitHub , and Docker , and, more recently, to the "Mini Shai-Hulud" supply chain campaign which also affected two OpenAI employees . …
GitHub confirms breach of 3,800 repos via malicious VSCode extension
… Send your offers to the communications below, we are not interested in under 50k, the best offer will get it." TeamPCP was previously linked to massive supply chain attacks targeting developer code platforms, including GitHub , PyPI , NPM , and Docker , and, more recently, to the "Mini Shai-Hulud"… …
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
… He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. …
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
… Tycoon2FA adds device-code phishing According to new research from managed detection and response company eSentire, Tycoon2FA confirms that device code phishing has become highly popular among cybercriminals. “The attack begins when a victim clicks a Trustifi click-tracking URL in a lure email and … …