National Cyber Warfare Foundation (NCWF)

EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft


0 user ratings
2026-07-02 11:32:05
milo
Red Team (CNA)

A fully featured phishing-as-a-service (PhaaS) panel named “ARToken” that closely mirrors the EvilTokens infrastructure first profiled in early 2026, but with a broader and deeper post-compromise toolkit. ARToken’s React single-page application exposes more than 80 API endpoints enabling device-code phishing, Primary Refresh Token (PRT) persistence, mailbox takeover, business email compromise (BEC) workflows, and SharePoint exfiltration […]


The post EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/eviltokens-linked-artoken-panel/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.