Dossier
Evilginx Phishing
Coverage of Evilginx Phishing in the Nexus archive.
- Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
A misconfigured Python web server exposed a Microsoft 365 phishing operation, allowing security firm Lexfo to uncover the attacker's toolkit and link it to two additional phishing campaigns. The attacker's command history revealed the server setup, which was left publicly accessible with directory listing enabled.