Bleeping Computer

ONNX phishing service targets Microsoft 365 accounts at financial firms

A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments. The platform can target both ...
Dark Reading

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

A highly organized phishing-as-a-service operation (PhaaS) is targeting Microsoft 365 accounts across financial firms with business email compromise (BEC) attacks that leverage a two-factor ...