Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...
Device codes are alphanumeric or numeric codes employed for authenticating an account on a device that does not have a standard login interface, such as a browser or input-limited devices, where it is ...
Hosted on MSN
State actors are abusing OAuth device codes to get full M365 account access - here's what we know
Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter codes on real Microsoft domains, granting attackers access tokens Proofpoint advises blocking device code ...
Find My Device helps you locate your lost Android device or accessory. At the moment, it requires the device to be online and powered on to report its location. This caveat could go away soon, though, ...
Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack Microsoft 365 accounts belonging to a wide range of targets, researchers ...
Strings of code offer more info on UWB tracking and AR support for Find My Device. The code appears to reference how the app would direct a user to their lost item. The features are not live yet. A ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results