LinkedIn AiTM Defense
LinkedIn AiTM phishing, what actually happens, step by step
The attack in plain English. What gets captured, when reCAPTCHA matters, why li_at is the prize, and which …
LinkedIn AiTM Defense
Detecting LinkedIn AiTM, three queries and a Python monitor
SPL queries for credentials submitted to a non-LinkedIn domain, li_at replayed from a new ASN, and impossible travel …
LinkedIn AiTM Defense
Controls that break LinkedIn AiTM. FIDO2, CASB, and the ones that do not work
FIDO2 makes the attack structurally impossible. CASB session policies catch the rest. Password managers, security awareness, and SSO …
LinkedIn AiTM Defense
LinkedIn AiTM incident response runbook
Triage, contain, scope, notify, preserve evidence. The full sequence with exact LinkedIn URLs and timing expectations from real …
Phishing Redirect Abuse
Redirect Abuse in 2026: What Still Works
Most trusted-domain redirect tricks are dead in 2026. We tested every major platform — Google, YouTube, LinkedIn, Microsoft, …