CodeStorm Phishing Campaign Targets M365 Tenants With Token Reuse and Replay Attacks

A multi-organization phishing campaign attributed to the CodeStorm family is actively targeting Microsoft 365 tenants with a tenant-aware AiTM (adversary-in-the-middle) phishing kit that combines rotating frontends and backend replay behavior under a stable controller path, /google.php. The human recipient rarely…

FortiBleed Campaign Uses FortigateSniffer to Harvest 110 Million Credentials From Fortinet Firewalls

A large-scale credential harvesting campaign called “FortiBleed” has been uncovered, revealing how threat actors are exploiting Fortinet FortiGate firewalls to capture authentication data on an unprecedented scale. Research from the SOCRadar Threat Research Unit (STRU) indicates that this operation has…