CSO Online

EvilTokens abuses Microsoft device code flow for account takeovers

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

New EvilTokens service fuels Microsoft device code phishing attacks

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...
Security Boulevard

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload ...
The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Investopedia

Authorization Code: Definition, Uses, and Functions Explained

Will Kenton is an expert on the economy and investing laws and regulations. He previously held senior editorial roles at Investopedia and Kapitall Wire and holds a MA in Economics from The New School ...
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...