Threat Post

Browser-in-the-Browser Attack Makes Phishing Nearly Invisible

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.
The Daily Dot

How to keep hackers from tricking you with this invisible phishing attack

A new vulnerability found in major web browsers will make it easy for cybercriminals to carry out browser phishing attacks and lure their victims into fake, malicious websites. And even savvy users ...