Dark Reading

Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform

One of the most widely used and effective phishing platforms on the threat landscape has been taken down — at least for now. Europol and several private sector partners, including Microsoft, Trend ...
CoinTelegraph

Coinbase, Microsoft and Europol take down phishing service ‘Tycoon 2FA’

Tycoon 2FA accounted for 62% of phishing attempts Microsoft blocked by mid last year, including over 30 million emails in a single month. A coalition of tech companies and law enforcement, including ...
Techlicious

2FA Explained: The Safest Ways to Protect Your Accounts

If you’re still relying on just a password to protect your online accounts, you’re gambling. Passwords get reused. They get leaked in data breaches. They get guessed. And once a criminal has your ...
InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched. A critical two-factor authentication bypass vulnerability in the Community ...
PC World

2FA vs Passkeys: Which security solution actually keeps you safer?

Everyone knows what a password is. But we can’t say the same for two-factor authentication or passkeys, which is a shame because these two security features dramatically boost the safety of your ...
SiliconANGLE

Whisper 2FA kit steals Microsoft 365 credentials and MFA tokens in real time

A new report released today by cloud cybersecurity firm Barracuda Networks Inc. details a rapidly evolving phishing-as-a-service kit dubbed Whisper 2FA that’s designed to steal Microsoft 365 ...
Infosecurity-magazine.com

Whisper 2FA Behind One Million Phishing Attempts Since July

The phishing platform “Whisper 2FA” has rapidly become one of the most active tools used in large-scale credential theft campaigns, according to new research from Barracuda. Since July 2025, the ...
Ars Technica

Hackers can steal 2FA codes and private messages from Android phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, and other private data in less than 30 seconds. The new attack, named ...
Forbes

FBI 2FA Bypass Warning Issued — The Attacks Have Started

Qantas attacked days after FBI warning. Update, July 4, 2025: This story, originally published on July 2, has been updated with the latest statement from Qantas, including a lengthy explanation by ...
Yahoo

Cybercriminals Are Fooling Help Desks to Bypass 2FA

Scattered Spider now targeting airlines. Bypasses 2FA via help desk tricks. Strict security protocols are necessary for prevention. The FBI has issued a fresh cybersecurity alert, warning that the ...
TechSpot

Whistleblower warning: 2FA codes sent via SMS are trivially easy to intercept

Weak Link: Two-factor authentication is designed to harden device security and make unauthorized access even trickier for bad actors. In the imperfect world we live in, however, there's almost always ...
Android Police

How I avoid 2FA disasters with this backup system

I cover Android with a focus on productivity, automation, and Google’s ecosystem, including Gemini and everyday apps. With a background in engineering and software development, I tend to go beyond ...