Security · 2h ago
Misconfigured Server Exposes Three Evilginx Phishing Kits
A misconfigured Python server left directory listing enabled, revealing a live Microsoft 365 phishing operation. French security firm Lexfo extracted the attacker's toolkit and uncovered two additional Evilginx campaigns. The lapse exposed phishing infrastructure targeting corporate credentials.
Meridian48 take
The breach underscores how operational sloppiness can unravel sophisticated phishing networks, but the real story is the scale of Evilginx adoption.
Read the full reporting
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365 →
The Hacker News
evilginxphishing