Find notable cyber news and cases, enriched with sources, timelines, and signals.

Quantum Route Redirect democratizes Microsoft 365 phishing tradecraft

Threat Actor Meta
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Quantum Route Redirect is lowering the skill bar for phishing operators, letting less-skilled cybercriminals run more sophisticated Microsoft 365 credential-theft campaigns while improving redirect-based evasion. The shift matters because the tool automates campaign functions and can bypass EOP, SEG, ICES, and even web application firewall checks. The infrastructure has also been tied to activity hosted on about 1,000 domains and reaching victims in 90 countries.

Related Happenings

O-UNC-066 / Pink Microsoft Entra passkey vishing campaign

Campaign
H score37 First: 08.07.2026 19:47 Last: 08.07.2026 19:47 Sources 1

About this happening: The **O-UNC-066 / Pink** operation is using **voice-based phishing** to push **Microsoft 365** users into enrolling attacker-controlled **Entra passkeys**, creating a direct path...

Non-email threat-detection confidence gap across collaboration channels

Trend
H score25 First: 19.06.2026 12:00 Last: 19.06.2026 12:00 Sources 1

About this happening: A survey found a broad **non-email threat-detection gap** across **Slack**, **Microsoft Teams**, and social channels, increasing exposure as attackers move beyond **email**. At **...

North Korea-aligned developer-targeting operations shift from fake interviews to recruitment phishing at scale

Threat Actor Meta
H score31 First: 15.06.2026 22:32 Last: 15.06.2026 22:32 Sources 1

About this happening: North Korea-aligned developer-targeting operations are shifting from **fake interviews** to **recruitment-themed phishing** at scale, increasing the risk of industrialized **crede...

Enterprise browser users face a rising shadow AI, credential abuse, and browser-native attack trend

Trend
H score22 First: 05.06.2026 17:00 Last: 05.06.2026 17:00 Sources 1

About this happening: **Enterprise users** are showing a sharp rise in **shadow AI**, **credential abuse**, and **browser-native attack exposure**, increasing risk at the browser layer. The trend matte...

Google DoubleClick malspam campaign delivering DesckVB RAT

Campaign
H score33 First: 03.06.2026 19:29 Last: 03.06.2026 19:29 Sources 1

About this happening: A **new malspam campaign** is abusing **Google's DoubleClick** redirect path to evade detection and deliver **DesckVB RAT**, putting users and organizations at risk of malware inf...

Timeline

  1. 12.11.2025 17:48 2 articles · 7mo ago

    Quantum Route Redirect phishing analysis

    Technical Analysis Update

    KnowBe4 researchers said Quantum Route Redirect targets Microsoft 365 credential theft by automating campaign setup, traffic rerouting, victim tracking, and an intelligent redirect system that can send security scanners to benign sites while directing people to phishing pages. The tool has been seen since August, is hosted on about 1,000 domains, and the associated campaign has reached victims in 90 countries, with 76% of affected users in the US. Researchers said the activity can bypass Microsoft Exchange Online Protection (EOP), secure email gateway (SEG), integrated cloud email security (ICES), and even Web application firewall products, and they advised URL filtering, sandboxing, and NLP-based email analysis.

    Show sources