Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...
The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Arabian Post

EvilTokens turns Microsoft sign-ins into bait

EvilTokens, a newly identified phishing-as-a-service operation, is offering cybercriminals a ready-made way to hijack Microsoft accounts by abusing a legitimate sign-in process rather than stealing ...
Redmond Magazine

Microsoft Alters Azure Active Directory Refresh Token Settings

Microsoft has changed the default settings for Azure Active Directory refresh tokens, but just for new tenancies. Refresh token expirations were causing access frustrations for end users, Microsoft ...