A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This βghost phishingβ technique keeps the malicious page hidden until it decrypts and comes to life inside the victimβs browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and response time
A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This βghost phishingβ technique keeps the malicious page hidden until it decrypts and comes to life inside the victimβs browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and response time
Read the original article at The Hacker News: https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html