The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...

Close-up on a woman controlling the temperature of her smart home using a mobile app on a digital tablet - Andresr/Getty Images Smart home devices are supposed to make residences more efficient, ...

Claude Code has become increasingly popular in the first year since its launch, and especially in recent months, as developers and non-technical users alike flock to AI unicorn Anthropic's hit coding ...

Hackers are hijacking Microsoft enterprise accounts by abusing a legitimate device-code authentication feature, tricking victims into entering attacker-generated codes on Microsoft’s own login portal.

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access. Another device code phishing campaign that abuses OAuth ...

A study reported that the conventional method of searching follicular fluid didn’t find all the eggs. The new technology found extra eggs more than half the time. A viable egg found by the OvaReady ...

Google on Tuesday announced an expanded set of Android theft-protection features, designed to make its mobile devices less of a target for criminals. Building on existing tools like Theft Detection ...

Hackers are abusing a legitimate Microsoft authentication feature to break into enterprise Microsoft 365 accounts, even when multifactor authentication is enabled. Security researchers warn that ...

Since September 2025, a suspected Russia-aligned group known as UNK_AcademicFlare has executed a phishing campaign targeting Microsoft 365 credentials. The campaign mainly impacts entities in ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...