Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated ...

A highly sophisticated phishing campaign that has systematically targeted C-suite executives & senior officers.

Compare the best multi-factor authentication software in 2026. See which MFA tools offer adaptive security, easy setup, and ...

EvilTokens, a newly identified phishing-as-a-service operation, is offering cybercriminals a ready-made way to hijack Microsoft accounts by abusing a legitimate sign-in process rather than stealing ...

Artificial intelligence does not exist in a vacuum. Behind every well-trained model, every accurate recommendation engine, ...