TT-CSIRT – 449.22.08.25 – Microsoft 365 ADFS Exploit
Please be advised, a sophisticated phishing campaign have been uncovered, that exploits Microsoft’s Active Directory Federation Services (ADFS) to create legitimate-looking login URLs that redirect users to malicious credential-harvesting sites, effectively turning Microsoft’s own infrastructure into an unwitting accomplice in credential theft operations. Exploit Malicious Google ads clicked on by users who are then redirected […]