81 Million Login Attempts: Massive Password Spray Campaign Bypasses MFA to Compromise Azure and Microsoft 365 Accounts
A massive automated campaign made 81 million login attempts against Microsoft 365 and Azure CLI accounts between June 12 and June 26, 2026, successfully compromising 78 accounts across...
AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time
A real-time adversary-in-the-middle phishing kit has been targeting AWS engineers, stealing credentials and MFA codes simultaneously to hijack cloud sessions before they expire. Standard MFA provides zero protection...
CVE-2026-48558: Critical SimpleHelp Auth Bypass Exposes 14,000 RMM Servers to Unauthenticated Access
Horizon3.ai disclosed CVE-2026-48558, a critical authentication bypass in SimpleHelp's OIDC integration that allows unauthenticated attackers to create privileged technician accounts and bypass MFA. Nearly 14,000 internet-exposed servers are...
Tycoon 2FA Phishing Kit Bypasses MFA at Scale — 62% of Microsoft 365 Phishing Attempts Linked to Single Threat Actor
The Tycoon 2FA phishing-as-a-service kit, operated by threat actor Storm-1747, is bypassing multi-factor authentication on Microsoft 365 and Google Workspace accounts at massive scale. At its peak it...