Attackers Hijack Microsoft 365 Accounts Through OAuth Device Code Abuse Without Stealing Passwords Analysts at ANY.RUN has identified a sharp spike in phishing campaigns exploiting Microsoft’s OAuth Device Authorization Grant flow, with more than 180 malicious URLs detected within a single week. Unlike conventional credential harvesting, this technique routes victims through legitimate Microsoft authentication pages, making it substantially harder for security operations centers (SOCs) to catch the compromise […] The post https://cybersecuritynews.com/oauth-device-code-phishing-… . https://cybersecuritynews.com/oauth-device-code-phishing-…