SSeclookupinblog.seclookup.com·Apr 15 · 6 min readThe Evolution of EvilTokens: Analyzing AI-Enabled Device Code Phishing CampaignsExecutive Summary The threat landscape for credential theft is shifting from static, proxy-based phishing toward sophisticated, automated abuse of OAuth 2.0 authentication flows. Recent intelligence f00
SSeclookupinblog.seclookup.com·Apr 15 · 6 min readThe Proxifier Trap: Analyzing the ClipBanker Marathon Infection ChainExecutive Summary Threat actors are increasingly leveraging trusted developer tools and open-source platforms to bypass traditional security perimeters. Recently, SecLookup tracked a sophisticated cam00
SSeclookupinblog.seclookup.com·Apr 15 · 6 min readUnmasking LucidRook: A Deep Dive into UAT-10362’s Lua-Based Campaign Against TaiwanExecutive Summary The threat landscape in East Asia continues to evolve with the emergence of highly specialized toolkits designed to evade traditional heuristic detections. Recently, Cisco Talos iden00
SSeclookupinblog.seclookup.com·Apr 15 · 5 min readAnalyzing the CPUID Watering Hole: STX RAT Distribution via Trojanized System ToolsExecutive Summary On April 9, 2026, threat actors successfully executed a high-impact watering hole attack targeting the official CPUID website, a primary source for popular system diagnostic utilitie00
SSeclookupinblog.seclookup.com·Mar 26 · 5 min readClickFix Evolution: Cross-Platform Social Engineering Targeting Enterprise WorkflowsExecutive Summary The threat landscape is witnessing a sophisticated shift in initial access delivery through a social engineering technique known as "ClickFix." Recent investigations into campaign cl00