Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...
Cyber Daily

Australian Signals Directorate warns of device code phishing activity targeting Microsoft 365 users

Aussie victims are being tricked into giving malicious actors access to their Microsoft 365 environments with the help of AI ...
Windows Report

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

The FBI warns that Kali365 phishing attacks can bypass Microsoft 365 MFA by stealing OAuth session tokens through device code phishing.
CSO Online

Security experts caution MFA alone can no longer stop threat actors

Current campaigns are allowing even novice attackers to scoop up authentication tokens with increasing frequency, bypassing ...

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising hundreds of organizations daily.
Information Age

Australian Microsoft users warned of code phishing threat

Australia’s national cybersecurity agency says users of Microsoft 365 software should be wary of a "growing threat" from ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Hosted on MSN

State actors are abusing OAuth device codes to get full M365 account access - here's what we know

Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter codes on real Microsoft domains, granting attackers access tokens Proofpoint advises blocking device code ...