1. FlowerStorm PhaaS Integrates KrakVM Obfuscation to Bypass MFA in Credential Theft Campaigns
Phishing-as-a-Service operations are adopting increasingly sophisticated obfuscation techniques, with FlowerStorm operators now deploying KrakVM—a JavaScript-based virtual machine—to evade static analysis and bypass multi-factor authentication in credential harvesting campaigns. The development highlights a measurable ...