Void Blizzard (aka Laundry Bear) doesn't use exploits.
It relies on password spraying and stolen session cookies, often via the Evilginx phishing framework, then abuses Exchange Online and Microsoft Graph APIs to quietly pull mailboxes and files.
Is the phish free? Fun little path traversal->arbitrary file read issue in Evilginx redirector templates (now fixed, affects community edition only).
github.com/kgretzky/evilginx…
EVIL-CVE-2026-00001 assigned by @mrgretzky 😂
Huge props to James @rotarydrone for reporting the first-ever infoleak bug in the open-source version of Evilginx. 🐛
This affects all Evilginx lures configured with redirectors enabled.
Good idea to test this against any phishing kits you find in the wild, which may've borrowed the same codebase. 😉
EVIL-CVE-2026-00001 it is. 😜