All news with #adversary-in-the-middle tag
Fri, September 12, 2025
VoidProxy PhaaS Uses AitM to Steal Microsoft, Google Logins
#Okta
#Phishing-as-a-Service
#Adversary-in-the-Middle
#Passkeys
#Cloudflare
#Session Management
#Business Email Compromise
🔐 Okta has uncovered VoidProxy, a phishing-as-a-service (PhaaS) operation that uses Adversary-in-the-Middle (AitM) techniques to harvest Microsoft and Google credentials, MFA codes, and session tokens. The platform leverages compromised email service provider (ESP) accounts, URL shorteners, multiple redirects, Cloudflare Captcha and Cloudflare Workers to evade detection and hide infrastructure. When victims enter their credentials, the login is proxied through an AitM server that captures session cookies and MFA responses, enabling account takeover. Okta recommends passkeys, security keys, device management, and session binding to mitigate the threat.