The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.
Security Boulevard

Starkiller Phishing Framework Bypasses Defenses with Reverse Proxies, Takes an SaaS Approach

Starkiller is a new SaaS-style phishing framework that runs real brand websites inside headless Chrome containers, acting as a live reverse proxy to steal credentials, session tokens, and ...