Attackers have been abusing legitimate YouTube attribution links and a Cloudflare CAPTCHA to evade detection. Cybersecurity company Vade said the use of YouTube attribution links was a new tactic for bypassing email filters scanning for suspicious redirects.
In a newly discovered phishing campaign, victims receive a spoofed email saying their Microsoft 365 password has expired. The email is personalized and contextualized to create an illusion of legitimacy. Vade researchers noted that the ema
