SC Media and others describe phishing campaigns using QR lures, AiTM tactics, and device code abuse to bypass MFA and gain persistent access to Microsoft 365 accounts, emphasizing gaps in identity controls around device registration and token flows.
New EvilTokens service fuels Microsoft device code phishing attacks
EvilTokens abuses Microsoft device code flow for account takeovers
EvilTokens ramps up device code phishing targeting Microsoft 365 users
phishing campaign targeting Microsoft 365 that abuses the OAuth device code flow to trick victims into providing authentication codes.
Arctic Wolf has recently observed a phishing campaign targeting Microsoft 365 that abuses the OAuth device code flow to trick victims into providing authentication codes.
VENOM phishing campaign targets execs, bypassing MFA with AiTM and device code abuse
QR-based lures and stealth tactics enable persistent access to Microsoft 365 accounts.
reports @AbnormalAI.
Device code phishing attacks surge 37x as new kits spread online
hackers are exploiting the Iran-US-Israel conflict by sending fake missile alert emails and QR codes to push victims to steal Microsoft credentials.
Microsoft 365 Phishing Bypasses MFA via OAuth Device Codes
This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new authority voices, debates, and emerging ideas.
← Back to Cyber Security