The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...

Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...
Ars Technica

Russian spies use device code phishing to hijack Microsoft accounts

Overlooked attack method used since last August in a rash of account takeovers. Well, this sucks. But the target list makes sense, from the perspective of an enemy attacking. Ed: trying to be sure the ...
Hosted on MSN

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their ...
Yahoo

Russian cyberattackers spotted hitting Microsoft Teams with new phishing campaign

A new phishing campaign has been spotted using ‘device code phishing’ through Microsoft Teams to target governments, NGOs, and other industries across Europe, North America, Africa, and the Middle ...
Yahoo

State-linked and criminal hackers use device code phishing against M365 users

Microsoft's headquarters in Redmond, Washington, on July 3, 2024. The tech giant is leaning on its channel partners to accelerate enterprise AI adoption. This story was originally published on ...
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
Que.com on MSN

FBI warns of Russian phishing targeting Signal and WhatsApp users

FBI Warns of Russian Phishing Targeting Signal and WhatsApp Users Cybersecurity officials are sounding the alarm after the FBI warned ...
Bleeping Computer

Dutch govt warns of Signal, WhatsApp account hijacking attacks

Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive ...