Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal credentials and gain unauthorized access to enterprise SaaS apps. BitM attacks trick victims into interacting with an attacker-controlled remote browser that is presented through a pop-up window in the victim’s own browser. A common BitM attack displays the legitimate login page of an enterprise SaaS app, deceiving victims into divulging credentials and other sensitive information because they believe they are working in a regular browser window.
https://securitysenses.com/posts/fullsc ... redentials