Security · 1h ago
ARToken PhaaS platform exposes EvilTokens' Microsoft 365 phishing toolkit
A new phishing-as-a-service platform called ARToken, operating as an affiliate of EvilTokens, offers a toolkit to compromise Microsoft 365 accounts. Researchers analyzed the platform, revealing its capabilities to bypass multi-factor authentication and steal credentials. The service is sold to cybercriminals, lowering the barrier for sophisticated phishing attacks.
Meridian48 take
While ARToken's exposure is valuable, the real story is the growing commoditization of advanced phishing tools, making enterprise defenses more critical than ever.
Read the full reporting
ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit →
Bleeping Computer
phishing-as-a-servicemicrosoft-365