Malware And CampaignsCampaign

Microsoft Entra B2B guest invitation phishing without attacker domains

March 31, 2026Nicolas Krassas, /r/netsec

Nicolas Krassas and r netsec point to a technique abusing Microsoft Entra B2B guest invitations for phishing, emphasizing how attacks can avoid obvious attacker-controlled domains and complicate detection and user trust signals.

Open in PulseSee the full authority discussion →

QUOTES

The Attack With No Attacker Domain: Microsoft Entra B2B Guest Invitation Phishing

VOICES

Nicolas Krassas

/r/netsec

RELATED TERMS

phishingidentitymicrosoftidentity theft

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what authorities are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security