The threat actor known as ToddyCat has been observed adopting
new methods to obtain access to corporate email data belonging to
target companies, including using a custom tool dubbed
TCSectorCopy. "This attack allows them to obtain tokens for the
OAuth 2.0 authorization protocol using the user's browser, which
can be used outside the perimeter of the compromised infrastructure
to access
Read more https://thehackernews.com/2025/11/toddycats-new-hacking-tools-steal.html
