
CodeStorm Phishing Kit Uses Tenant-Aware M365 Replay to Hijack Microsoft 365 Accounts
A highly sophisticated Microsoft 365 phishing campaign leveraging the CodeStorm phishing kit. This multi-organization campaign uses a clever mix of rotating frontend infrastructure and a stable, tenant-aware backend to hijack accounts. By combining deceptive voicemail lures with real-time credential replay, attackers can bypass multi-factor authentication (MFA) and leave clear traces in a victim’s Entra ID […]
The post CodeStorm Phishing Kit Uses Tenant-Aware M365 Replay to Hijack Microsoft 365 Accounts appeared first on Cyber Security News.