WinBuzzer

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...
Redmond Magazine

Microsoft Highlights Certificate-Based Authentication and FIDO2 Security Advances

Microsoft cited progress on enabling phishing-resistant authentications for organizations, in a Friday announcement. The announcement highlighted FIDO2 preview support for iOS and MacOS apps, ...
Bleeping Computer

Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the ...