Security News New Ghost Phishing Wave Is Breaking Traditional Email Security TheHackerNews Daniel Bender 08 Jul 2026 Share EvilTokens uses AES-GCM encrypted HTML and Microsoft Device Code Phishing to hide Microsoft 365 account takeover pages until browser render.