Hacking news

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

on September 9, 2025

The Hacker News

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all other flagged user agents combined," the cybersecurity company said in a

More From Author

Hacking news

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

April 3, 2026

The Hacker News

Hacking news

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

April 3, 2026

The Hacker News

Hacking news

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

April 3, 2026

The Hacker News

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

More From Author

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

The AI Fix #67: Will Smith’s AI crowd scandal, and gullible agents fall for scams

Microsoft Patch Tuesday September 2025, (Tue, Sep 9th)

Leave a Reply Cancel reply