Mondego Labs Blog

It is 3:28 p.m. on June 18, 2026, as I begin writing this article; this information will be useful later on. Yesterday, I received a notification alerting me to a website containing files with credentials stolen through a phishing attack. I took a look and found a site that masqueraded as Outlook and prompted users to enter their credentials. Once the credentials were captured, the system saved them to a text file. Since the stolen credentials appeared to be active, I immediately opened a ticket with Microsoft CERT. Microsoft confirmed that it had received the ticket via email at 5:38 p.m. Paris time on June 17. I decided to dig a little deeper into this site and first analyzed our data. ...

At Mondego Labs, we decided to kick off our journey in a different way: instead of posting grandiose messages on LinkedIn about how great we are, we decided to publicly launch Castor. ...