Outlook add-in
-
Abandoned Outlook add-in hijacked to phish about 4,000 Microsoft accounts
An abandoned Outlook add-in listed in Microsoft’s store was hijacked to host phishing pages that stole credentials from about 4,000 users, a technical analysis found. Users should remove the add-in and reset passwords.
-
Researchers identify first malicious Outlook add-in that stole over 4,000 credentials
Researchers found the first malicious Outlook add-in in the wild, where a hijacked add-in domain hosted a fake sign in page and captured more than 4,000 credentials, exposing gaps in marketplace content monitoring.
