Talos details ARToken, a PhaaS panel tied to EvilTokens that supports device code phishing, BEC workflows, SharePoint theft, ...
Attackers behind a password-spraying campaign targeting Microsoft Office 365 accounts have amassed dozens of victims by abusing a deprecated feature in OAuth 2.0 to ...
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining ...
The FBI has warned about a phishing tool called Kali365 that can bypass two-factor authentication on Microsoft 365 accounts. The subscription-based kit uses OAuth device code flow to steal access ...
The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth tokens. A new phishing service is turning a legitimate Microsoft login process ...
What happened A massive password spray campaign is targeting Microsoft 365 environments through Azure CLI authentication. Huntress warned that threat actors made more than 81 million login attempts ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results