Session hijacking has long been one of the most insidious attack techniques: once an intruder obtains session cookies from a browser, a password is no longer needed. To fortify this structural...
ghostsurf: NTLM HTTP relay tool with SOCKS proxy for browser session hijacking. Capture NTLM auth, relay to HTTP/HTTPS targets, then browse as the victim through a SOCKS proxy. This works even when cookie replay...
The architectural weakness in Citrix networking appliances, until recently characterized as merely a latent risk, is now being aggressively exploited by attackers. The attacks commenced almost immediately following the dissemination...
An effort to dismantle a widely used account-theft platform produced only a short-lived success. Just days after a coordinated law enforcement intervention, the Tycoon2FA service resumed operations with...
An international law enforcement operation has successfully dismantled Tycoon 2FA, one of the most formidable phishing-as-a-service platforms in existence. Operating upon a subscription-based paradigm, this clandestine service empowered malicious actors to execute indiscriminate, large-scale...
A sophisticated new phishing instrument dubbed Starkiller has emerged within clandestine marketplaces, fundamentally altering the mechanics of credential theft. Rather than meticulously crafting fraudulent login portals, adversaries are leveraging authentic websites, broadcasting them in...
Microsoft has disclosed a sophisticated sequence of multi-stage incursions leveraging Adversary-in-the-Middle (AiTM) session hijacking in tandem with Business Email Compromise (BEC) methodologies. The offensive specifically targeted entities within the energy sector, with adversaries weaponizing...
A malicious package named lotusbail has been uncovered in the npm repository, masquerading as a library for working with WhatsApp Web while quietly siphoning conversations and granting attackers persistent access to user accounts. According...
Google is pushing the boundaries of cybersecurity with a bold new initiative: the public beta release of Device Bound Session Credentials (DBSC), a feature designed to shield users from session cookie theft. Originally introduced...
Security researchers have unveiled functional exploits targeting a critical vulnerability in Citrix NetScaler ADC and Gateway devices. Designated CVE-2025-5777, the flaw has been informally dubbed CitrixBleed2 — a pointed reference to the similarly severe...