Tag

#Session Hijacking

3 articles covering Session Hijacking across campaign analysis, detection engineering, and defender tradecraft.

Coverage

3 entries

Field Analysis

Blue TeamDetection & ValidationMay 31, 20267 min read

Chrome Binds the Cookie: A Defender's Brief on Device Bound Session Credentials

Chrome's Device Bound Session Credentials, now generally available and on by default for Workspace, tie session cookies to a device's security chip so a stolen cookie is useless off the machine it came from. Here is what it stops and what it does not.

By PhishPond Desk

Field Analysis

Blue TeamCampaign AnalysisMay 31, 20266 min read

FortiClient EMS Abuse Shows Why Management Planes Are Credential-Theft Surface

Recent exploitation of CVE-2026-35616 turned FortiClient EMS into a malware delivery channel, pushing an EKZ credential stealer through trusted endpoint management paths.

Credential Harvesting Kits Adopt Device-Bound Session Replay Tactics

New phishing kits are pivoting from simple password theft to real-time token capture and replay workflows targeting modern MFA deployments.

By PhishPond Desk

#Session Hijacking

Coverage

Browse Other Tags