ThreatOpsX (@threatopsx)'s Twitter Profile
ThreatOpsX

@threatopsx

ID: 1902906233184522240

21-03-2025 02:13:29

27 Tweet

2 Followers

134 Following

ANY.RUN (@anyrun_app)

⚠️ Why #Tycoon2FA Should Be on Every CISO’s Radar: A 7-Stage Phishing Chain Built to Evade Detection. Tycoon 2FA is a growing #PhaaS platform designed to bypass MFA for Microsoft 365 and Gmail. In a recent observed case, instead of delivering a single #phishing page, it guides

NoPhishInHere (@nomorephis)

#Tycoon2FA #Phishing 🐟4 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/apZCmqby Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

NoPhishInHere (@nomorephis)

#Tycoon2FA #Phishing 🐟5 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/dguFhccj Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

ransomNews (@ransomnews)

🔎 ChromeAsC2 hijacks browsers as Cobalt Strike alternative New tool #ChromeAlone turns Chromium-based browsers into a full-blown C2 platform, effectively replacing implants like Cobalt Strike. Raises fresh concerns about browser-borne offensive security threats. 🔗 read more:

NoPhishInHere (@nomorephis)

#Tycoon2FA #Phishing 🐟112 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/bxnnhxbL Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

RussianPanda 🐼 🇺🇦 (@russianpanda9xx)

There is an interesting threat actor out there who is trying to exploit memory corruption in browsers instead of just doing the usual FileFix, ClickFix shenanigans. I hope they know what they are doing 💀

SpiderLabs (@spiderlabs)

#PhishingAlert: Threat actors are abusing ICS calendar invites to deliver #phishing links. Clicking the link redirects victims to Tycoon2FA-linked phishing pages impersonating #Microsoft 365 login portals. These fake sites are designed to steal credentials and session cookies,

NoPhishInHere (@nomorephis)

#Tycoon2FA #Phishing 🐟566 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/088HgmqW Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

Who said what? (@g0njxa)

In the past days I've been observing a malware campaign using X verified accounts affiliated to account Kindle Book Hub (I see +140 accounts, consider each one malicious) running malicious X ads redirecting users to a fake AI website delivering malware. While the ads redirect

ANY.RUN (@anyrun_app)

👾 Top threats in August 2025: Tycoon2FA with a 7-stage phishing chain, Rhadamanthys Stealer via ClickFix + PNG stego, and Salty2FA, a new PhaaS bypassing MFA. 🔍Get full visibility into today’s top threats and actionable intel to stop them: any.run/cybersecurity-…

NoPhishInHere (@nomorephis)

#Tycoon2FA #Phishing 🐟48 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/u1hfmu4s Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

ANY.RUN (@anyrun_app)

🚨 #Salty2FA is a new #phishkit linked to #Storm1575. Active since June, it bypasses 2FA to gain access beyond stolen creds. Using a unique domain pattern and multi-stage chain, it targets finance, energy, telecom and more. Read analysis: any.run/cybersecurity-…

Silent Push (@silentpush)

NEW THREAT REPORT 🚨 Salt Typhoon and UNC4841: Silent Push Discovers New Domains; Urges Defenders to Check Telemetry and Log Data Read the full report here: hubs.ly/Q03Hgmzq0 #UNC4841 #SaltTyphoon #CTI #cybersecurity #threatintel

Szabolcs Schmidt (@smica83)

'COMPROVATIVO-28976452-SETEMBRO-4HDYN-X8RL6 - 319-.zip' abuse.ch SGML in it with the same low detection. bazaar.abuse.ch/sample/52eab37… URL(https): /autoridade-tributaria-pt(.)org/SET-FAT/818.php ܛܔܔܔܛܔܛܔܛ

LetsDefend (@letsdefendio)

⚠️ FREE Challenge: AI-powered ransomware PromptLock, the first AI-powered ransomware. It uses a local AI model to create cross-platform malicious scripts in real time, autonomously targeting and encrypting data. 🛠️ Type: Malware Analysis 👤 Role: Security Analyst 💪
