State actors are abusing OAuth device codes to get full M365 account access - here's what we know

Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flowVictims enter codes on real Microsoft domains, ...
Security Boulevard

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...
Infosecurity Magazine

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...