An attacker running a live Microsoft 365 phishing operation
left a Python web server listening on a public port with directory
listing switched on. The command that did it: python3 -m
http.server 8080, was still sitting in the
readable .bash_history. From that one lapse, French security
firm Lexfo lifted the operator's entire toolkit and
pivoted through it to two more
Read more https://thehackernews.com/2026/07/misconfigured-server-reveals-three.html

