Issuu, FlipSnack, Simplebooklet, and other digital document publishing sites have been exploited by threat actors to facilitate new phishing attacks that better bypass email security controls, The Hacker News reports. Attackers have been leveraging free or trial versions of the DDPs to create and host malicious files attached to phishing emails, which when clicked would redirect to an attacker-controlled website spoofing the Microsoft 365 login page that then allows credential and session token exfiltration, a report from Cisco Talos revealed.

Source: SC Magazine