Logo
Log in
Subscribe
Logo
Oliver Buchannon
S6 Tech

Military background. Cybersecurity focus. Translating ransomware threats into SMB action plans.

Phishing Kits Now Bypass Microsoft 365 MFA in Real Time

Jul 7, 2026

•

8 min read

Phishing Kits Now Bypass Microsoft 365 MFA in Real Time

New phishing-as-a-service kits capture Microsoft 365 passwords, MFA codes, and session tokens in real time. Here's the one setting that shuts them down.

S6 Tech
S6 Tech
Your IT Provider's Remote Tool Is the Target Now

Jun 30, 2026

•

9 min read

Your IT Provider's Remote Tool Is the Target Now

A critical SimpleHelp flaw is being actively exploited to steal credentials across Windows, Mac, and Linux. Plus: KrebsOnSecurity named the administrator behind The Gentlemen, and PRODAFT confirmed the group is using AI to build its ransomware.

S6 Tech
S6 Tech
When ransomware stops asking for a ransom

Jun 23, 2026

•

11 min read

When ransomware stops asking for a ransom

A new ransomware leaves no note. AI is compressing attack timelines from days to hours. Why backups are no longer the fallback plan, plus this week's intelligence: The Gentlemen hit Mackay Sugar, Aurora's enterprise breach spree, and a sharp drop in healthcare hits.

S6 Tech
S6 Tech
The Door You Forgot You Opened

Jun 17, 2026

•

9 min read

The Door You Forgot You Opened

ShinyHunters pulled 137,000 accounts through a Salesforce connector. Your tenant has the same shape. The audit takes 15 minutes.

S6 Tech
S6 Tech
Qilin weaponizes a Check Point VPN zero-day

Jun 9, 2026

•

10 min read

Qilin weaponizes a Check Point VPN zero-day

Active exploitation confirmed before the patch shipped. Silent Ransom Group is calling law firms by name. Healthcare snapped back to 14 victims.

S6 Tech
S6 Tech
The Gentlemen ransomware now spreads itself

Jun 2, 2026

•

9 min read

The Gentlemen ransomware now spreads itself

Microsoft documents 21 simultaneous propagation methods. Plus Carnival's six-million-record breach, a WordPress campaign hiding in Steam profiles, and healthcare targeting resumes after a one-week pause.

S6 Tech
S6 Tech
The FBI just named the phishing service that bypasses your MFA

May 30, 2026

•

9 min read

The FBI just named the phishing service that bypasses your MFA

Plus DragonForce takes the top spot by hunting small CPAs and insurance agencies

S6 Tech
S6 Tech
The MFA-Bypass Kit Is Now for Rent

May 19, 2026

•

10 min read

The MFA-Bypass Kit Is Now for Rent

Tycoon2FA hits 344 organizations with device-code phishing, healthcare takes its sixth straight week of targeting, and the NPM supply chain catches Mistral AI and Grafana.

S6 Tech
S6 Tech
The Google Ad That Installs Malware

May 12, 2026

•

17 min read

The Google Ad That Installs Malware

Three AI-tool malvertising campaigns hit in one week — including a Claude AI ad that leads to macOS malware. Plus: Akira just displaced Qilin as the top ransomware actor.

S6 Tech
S6 Tech
The MFA You're Using Probably Doesn't Work Anymore

May 5, 2026

•

17 min read

The MFA You're Using Probably Doesn't Work Anymore

A 35,000-user phishing campaign captures passwords and authenticator codes in real time; healthcare hits a fourth straight week; Trellix and Canvas LMS confirm vendor breaches.

S6 Tech
S6 Tech
When the Phone Becomes the Exploit

Apr 28, 2026

•

16 min read

When the Phone Becomes the Exploit

ShinyHunters turns vishing into an industrial pipeline as healthcare targeting hits a three-week consensus.

S6 Tech
S6 Tech
Your IT Helpdesk Is the Bait

Apr 21, 2026

•

14 min read

Your IT Helpdesk Is the Bait

How one Teams message becomes full network compromise in under an hour: plus the 10-minute fix

S6 Tech
S6 Tech
They Didn't Hack You. They Hacked Your Vendors

Apr 14, 2026

•

1 min read

They Didn't Hack You. They Hacked Your Vendors

Booking.com breach, ShinyHunters supply-chain attack, and a 3× surge in healthcare targeting

S6 Tech
S6 Tech
Device Code Phishing Surged 3,700% | And Your MFA Won't Stop It

Apr 7, 2026

•

1 min read

Device Code Phishing Surged 3,700% | And Your MFA Won't Stop It

One 5-minute setting blocks the attack. Plus: "The Gentlemen" claim 53% of this week's ransomware victims, and water engineering firms are in the crosshairs.

S6 Tech
S6 Tech
Your Macs Aren't Safe Anymore

Mar 31, 2026

•

1 min read

Your Macs Aren't Safe Anymore

New malware targets macOS, a data marketplace guarantees your breach gets monetized, and 97 organizations learned the hard way this week.

S6 Tech
S6 Tech
S6 Ransomware Signal — March 26, 2026

Mar 26, 2026

•

1 min read

S6 Ransomware Signal — March 26, 2026

Your MFA isn't stopping modern phishing attacks. Here's what to do about it.

S6 Tech
S6 Tech

Welcome

+1

Start Here: What You Need to Know

Mar 26, 2026

•

2 min read

Start Here: What You Need to Know

Welcome to S6 Ransomware Signal: Here's who I am and what to expect

S6 Tech
S6 Tech

S6 Ransomware Signal

Weekly ransomware news and protection tactics for SMBs who don't have a security team.

© 2026 S6 Ransomware Signal.
beehiivPowered by beehiiv