2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Hackers thought to be aligned with China and Russia are suspected to be behind a wave of account takeover attacks targeting Microsoft 365 users.
Infosecurity Magazine

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...
WinBuzzer

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...

2025’s Top Phishing Trends and What They Mean for Your Security Strategy

Phishing attacks in 2025 increasingly moved beyond email, with attackers using social platforms, search ads, and ...

The growing threat of device code phishing and how to defend against It

Microsoft recently issued a warning about a particular device code phishing campaign being conducted by Storm-2372, where a supposed Russian-backed threat actor was wreaking havoc ...