Cybercriminals have unleashed Starkiller, a sophisticated “phishing-as-a-service” tool that tricks users by serving genuine login pages from major brands. Unlike old-school phishing kits with fake clones, Starkiller acts as a sneaky middleman, proxying traffic to the real sites. This lets attackers steal not just passwords, but session cookies and tokens after victims complete multi-factor authentication […] The post Starkiller Phishing Framework Uses Real Login Pages to Evade MFA Protections appeared first on Cyber Security News.