Phishing As a Service Targets Financial Sector
The new phishing-as-a-service (PhaaS) platform, ONNX Store, has been targeting Microsoft 365 accounts at financial firms using QR codes in PDF attachments. This sophisticated platform, which leverages Telegram bots and bypasses two-factor authentication (2FA), is believed to be a rebranded version of the Caffeine phishing kit. Discovered by EclecticIQ, ONNX …