Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft 365 accounts. The attack starts with a fake email that looks like it’s approving a quote from a supplier. The message has two parts: an HTML file that shows an image using a Content ID … Continue reading Phishing Campaign Exploits Legitimate Microsoft Login Flow