National Cyber Warfare Foundation (NCWF)

Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts
0 user ratings		2026-06-16 09:35:18
milo
Red Team (CNA)

An active campaign in which attackers are abusing Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. Rather than capturing credentials with a fake login page, the threat actors persuade victims to complete a genuine Microsoft authentication process that, unbeknownst to them, authorizes an attacker-controlled “device.” The result: fully […]


The post Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/microsoft-oauth-device-code-abused/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.