Bleeping Computer

Hackers target Microsoft Entra accounts in device code vishing attacks

KnowBe4 recommends that Microsoft 365 account holders block the malicious domains and sender addresses, audit and revoke suspicious OAuth app consents, and review Azure AD sign-in logs for device code ...
Bleeping Computer

Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the ...