Cybercriminals are exploiting an AI-powered presentation tool called Gamma to launch a multi-stage attack aimed at stealing Microsoft credentials.
This attack chain is designed not only to evade traditional security measures but also to deceive human recipients by leveraging trusted platforms and services.
Cyber attackers are taking advantage of Gamma, a lesser-known but increasingly used platform for creating presentations, to host malicious content.
Here’s how the attack unfolds:
This phishing campaign is notable for several reasons:
The attackers’ use of an adversary-in-the-middle (AiTM) framework is particularly alarming. This setup allows them not only to harvest credentials but also to capture session cookies, which lets them bypass Multi-Factor Authentication (MFA) and gain unauthorized access to the victim’s account.
The layered approach of this attack, starting from a legitimate sender, through to a reputable service like Gamma, then a trusted security tool, and finally to a convincing fake login, makes it challenging to detect:
According to the report, this campaign underscores the importance of moving beyond traditional rule-based email security.
AI and behavioral analysis are becoming critical in identifying and stopping such nuanced phishing attempts.
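One behavioral signal for the AiTM session-cookie theft described above is a session that satisfied MFA on one client and then reappears from a different IP address and user agent shortly afterwards. The following is an added example, not code from the report or from any vendor; the event fields, the one-hour window and the sample events are constructed assumptions, not a real sign-in log schema.

```python
from datetime import datetime, timedelta

# Constructed sign-in events; the field names are assumptions, not a real log schema.
EVENTS = [
    {"time": "2025-01-01T09:00:00", "user": "alice@example.com", "session": "s-100",
     "ip": "198.51.100.10", "agent": "Edge/Windows", "mfa": True},
    {"time": "2025-01-01T09:07:00", "user": "alice@example.com", "session": "s-100",
     "ip": "203.0.113.77", "agent": "python-requests", "mfa": False},
    {"time": "2025-01-01T10:00:00", "user": "bob@example.com", "session": "s-200",
     "ip": "198.51.100.20", "agent": "Chrome/macOS", "mfa": True},
    {"time": "2025-01-01T10:20:00", "user": "bob@example.com", "session": "s-200",
     "ip": "198.51.100.21", "agent": "Chrome/macOS", "mfa": False},  # IP change only
    {"time": "2025-01-01T11:00:00", "user": "carol@example.com", "session": "s-300",
     "ip": "198.51.100.30", "agent": "Safari/iOS", "mfa": True},
    {"time": "2025-01-01T15:00:00", "user": "carol@example.com", "session": "s-300",
     "ip": "203.0.113.5", "agent": "Firefox/Linux", "mfa": False},  # outside window
]


def find_replayed_sessions(events, window=timedelta(hours=1)):
    """Return one alert per session whose MFA-satisfied token reappears
    from a different IP address and user agent within `window`."""
    origin = {}   # session id -> first MFA-satisfied event
    alerts = {}   # session id -> alert, so each session is reported once
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        sid = ev["session"]
        if sid not in origin:
            if ev["mfa"]:
                origin[sid] = ev
            continue
        first = origin[sid]
        gap = datetime.fromisoformat(ev["time"]) - datetime.fromisoformat(first["time"])
        # Require both IP and user agent to change, so roaming clients are not flagged.
        moved = ev["ip"] != first["ip"] and ev["agent"] != first["agent"]
        if moved and gap <= window and sid not in alerts:
            alerts[sid] = {"user": ev["user"], "session": sid,
                           "origin_ip": first["ip"], "replay_ip": ev["ip"],
                           "minutes_after_mfa": int(gap.total_seconds() // 60)}
    return list(alerts.values())


if __name__ == "__main__":
    for alert in find_replayed_sessions(EVENTS):
        print(alert)
```

Requiring both attributes to change keeps a roaming laptop (IP change only) out of the alerts, at the cost of missing a replay that copies the victim's user agent.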