New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI
New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI
27 May 2024
Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail.
The attack method, called transparent phishing or adversary-in-the-middle (AitM) phishing, "uses Cloudflare Workers to act as a reverse proxy server for a