Return to Threats

New Ghost Phishing Wave Is Breaking Traditional Email Security

thehackernews.com 2026-07-08 SaaS AI risk High

What Happened

A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and response time

Why It Matters

The article describes a "ghost phishing" campaign (EvilTokens) that uses multi-stage, browser-side decryption to keep malicious Microsoft 365 credential-harvesting pages hidden until they render inside the victim’s browser, bypassing traditional URL inspection and email security controls.[2] This is a SaaS security blind spot for Microsoft 365, where attackers exploit trusted infrastructure and advanced evasion to gain access to accounts and sensitive data.[1][3] From a RealGround perspective, these techniques directly impact AI-integrated SaaS environments (e.g., email security, M365 Copilot, and automated SOC tools), meaning AI-driven filters and agents may fail if they rely only on static URL or payload checks. Organizations should apply Continuous AI Red Teaming to test AI email/security workflows against similar multi-stage, client-side-decrypted phishing patterns and strengthen policies around SaaS access, conditional access, and MFA to limit blast radius when such evasion succeeds.[2][4]

Healthcare Fintech SaaS SMB AI startups

RealGround Analysis

This signal maps to SaaS AI risk. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html

Talk to AI CISO