Threats Tagged 'sendgrid'
View all threats tagged with 'sendgrid'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'sendgrid'
Click on any threat for detailed analysis and mitigation recommendations
Behind the console: An AiTM phishing kit harvesting AWS console credentials and beyond 0 Between June 16 and 19, 2026, a sophisticated adversary-in-the-middle phishing campaign targeted AWS console users through three domains registered within 48 hours and hosted on Cloudflare. The campaign impersonated AWS login pages and captured credentials along with real-time multi-factor authentication codes through email, SMS, and authenticator apps. Phishing emails were delivered through legitimate platforms like SendGrid and Nimbu to bypass spam filters. The kit employed JavaScript-based credential harvesting with victim validation through encrypted URL parameters, preventing sandbox analysis. Targets were primarily US-based software engineers and engineering leadership, suggesting a curated target list rather than mass phishing. The same kit was linked to concurrent SendGrid impersonation campaigns and previous cryptocurrency wallet targeting since July 2025. The small sample of fewer than 50 targeted email addresses indicates highly selective targeting of technical personnel with AWS access. Join the discussion | AlienVault OTX General | 06/25/2026, 15:26:35 UTC Added: 06/25/2026, 15:46:12 UTC |
Showing 1 to 1 of 1 result