Bubble AI app builder abused to steal Microsoft account credentials
Summary
Threat actors are exploiting the no-code platform Bubble to create and host phishing websites that steal Microsoft account credentials. These malicious apps are designed to bypass typical phishing detection mechanisms, making them a significant threat to users.
IFF Assessment
FOE
This is bad news for defenders as attackers are using legitimate tools to create sophisticated phishing campaigns that are harder to detect.
Defender Context
Defenders should be aware of emerging phishing tactics that leverage legitimate no-code platforms. This trend highlights the need for advanced threat detection solutions capable of identifying malicious activity disguised within authorized services and for user education on recognizing sophisticated phishing attempts.