Bleeping Computer

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...
CSO Online

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...
Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
Infosecurity-magazine.com

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...
PC Magazine

The Best Security Suites for 2026

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that ...
NPR

National Security

December 31, 2025 • The U.S. military says it struck five alleged drug-smuggling boats over two days. The attacks killed eight people, while others jumped overboard and may have survived. U.S.
CNET

Best DIY Home Security Systems of 2025: Installed and Tested

Macy is a writer on the AI Team. She covers how AI is changing daily life and how to make the most of it. This includes writing about consumer AI products and their real-world impact, from ...
PC Magazine

The Best Smart Home Security Systems for 2026

Looking for an alarm system to make you feel more secure? We've tested all the top professional and DIY home security systems to help you decide which is right to protect your family and property.
Investopedia

Understanding Security Agreements: Key Provisions and Benefits

Dr. JeFreda R. Brown is a financial consultant, Certified Financial Education Instructor, and researcher who has assisted thousands of clients over a more than two-decade career. She is the CEO of ...

State actors are abusing OAuth device codes to get full M365 account access - here's what we know

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code authentication flow to take over Microsoft 365 accounts.
Space.com

NASA's Artemis 2 mission: Everything you need to know

Artemis 2 will be the first mission to carry humans to the moon's vicinity since 1972. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Artemis 2 ...

Microsoft 365 Accounts Reportedly Breached After Hackers Exploit Legitimate Microsoft OAuth Feature

The surge in attempts to compromise Microsoft 365 accounts has been enabled by readily available phishing tools.