Cybercriminals behind Tycoon2FA, a phishing-as-a-service (PhaaS) platform, have resumed targeting cloud accounts with near-full force despite a coordinated law enforcement takedown on March 4, 2026. Europol, working alongside authorities from six countries, seized 330 domains that formed the backbone of the platform’s infrastructure in what became one of the more visible efforts to disrupt a […] The post Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption appeared first on Cyber Security News.