July 8, 2026 at 08:28PM

■■■■■ EvilTokens phishing can look clean during URL checks.

The real page stays encrypted until it opens in the victim’s browser, then uses Microsoft device-code phishing to push toward Microsoft 365 account takeover.

The blind spot is browser visibility, not just email scanning.

https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html